rjd@althea.UUCP (Rob Diamond) (11/17/87)
This is slide, a little program I find very handy on the 3b1. It allows
selected users to become root without prompting for a password. You can
run slide with no arguments, in which case it invokes a shell ($SHELL) with
root permissions, or you can run it with arguments, in which case it runs
the arguments as a command line with root permissions.
You need superuser privilages to install this. It wants a group to exist
that has permissions to run this (see README). Be careful with this
program, if installed improperly, people who you don't want to be root may
be able to become root.
------------------------(cut here)---------------------------------------
#! /bin/sh
# This is a shell archive. Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file". To overwrite existing
# files, type "sh file -c". You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g.. If this archive is complete, you
# will see the following message at the end:
# "End of archive 1 (of 1)."
# Contents: MANIFEST slide.c README Makefile
# Wrapped by rjd@waldo on Tue Nov 17 09:53:33 1987
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f MANIFEST -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"MANIFEST\"
else
echo shar: Extracting \"MANIFEST\" \(174 characters\)
sed "s/^X//" >MANIFEST <<'END_OF_MANIFEST'
XFilename Archive #
X----------------------------
X MANIFEST (This File) 01
X slide.c 01
X README 01
X Makefile 01
END_OF_MANIFEST
if test 174 -ne `wc -c <MANIFEST`; then
echo shar: \"MANIFEST\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f slide.c -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"slide.c\"
else
echo shar: Extracting \"slide.c\" \(1288 characters\)
sed "s/^X//" >slide.c <<'END_OF_slide.c'
X/*********************************************
X * slide - become superuser temporarily *
X * *
X * Copyright 1987 - Robert Diamond *
X * diamond@althea.rutgers.edu *
X * *
X * With no arguments, slide will exec a *
X * shell with root permissions. The shell *
X * should be specified in environment *
X * variable $SHELL. *
X * *
X * With arguments, slide will treat the *
X * arguments as a command line and try to *
X * execute the command with root permissions*
X * and exit. *
X *********************************************/
X
X#include <errno.h>
X
Xmain(argc, argv)
Xint argc;
Xchar *argv[];
X{
X char *shell, *getenv();
X
X shell = getenv("SHELL"); /* Get desired shell */
X setuid(0); /* Setuid root */
X setgid(0); /* Setgid root */
X putenv("LOGNAME=root");
X putenv("PS1=# ");
X if(argc <= 1) /* No arguments */
X {
X if(shell)
X {
X execlp(shell, shell, 0);
X perror(shell);
X }
X else
X {
X execl("/bin/sh", "sh", 0);
X perror("/bin/sh");
X }
X
X }
X else /* There are arguments */
X {
X execvp(argv[1], &argv[1]);
X perror(argv[1]);
X }
X}
END_OF_slide.c
if test 1288 -ne `wc -c <slide.c`; then
echo shar: \"slide.c\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f README -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"README\"
else
echo shar: Extracting \"README\" \(1217 characters\)
sed "s/^X//" >README <<'END_OF_README'
XSlide allows selected users to become root without entering
Xa password. When slide is called without arguments, the
Xenvironment variable $SHELL is checked, and if something is in
Xit, it will run it as a shell with root permissions. If nothing
Xis in it, it will run /bin/sh.
X
XIf you give slide arguments, it will run the arguments as a command
Xline with root permissions, then return to your normal shell.
X
XSlide needs to be owned by root, and have a groupid that restricts
Xaccess only to the people you want.
X
XYou will need to create a group that will consist of logins that will
Xbe allowed to run slide. On my system, this group is called 'gods'.
XTo do this, edit /etc/groups and add a new group
XThen edit /etc/passwd and change group id's of the people you will
Xallow root permissions.
XIt's a good idea to do a 'find' on those people's home directories
Xand change all the groupid's of files and directories to the new
Xgroup.
X
XEdit the Makefile and assign the new group name to GRPNAM and
Xthe location you want the executable to go in BINDIR.
X
Xrun 'make install' to compile and install slide.
XYou must be root to do this correctly.
X
XBE CAREFUL! Anyone who can run this program will be able to become
Xsuperuser.
END_OF_README
if test 1217 -ne `wc -c <README`; then
echo shar: \"README\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f Makefile -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"Makefile\"
else
echo shar: Extracting \"Makefile\" \(309 characters\)
sed "s/^X//" >Makefile <<'END_OF_Makefile'
X# Change the following 2 lines to fit your system.
XGRPNAM = gods
XBINDIR = /usr/local/bin
X
Xslide: slide.o
X ld -s -o slide /lib/crt0s.o /lib/shlib.ifile slide.o
X rm slide.o
X
Xslide.o: slide.c
X cc -cO slide.c
X
Xinstall: slide
X chown root slide
X chgrp $(GRPNAM) slide
X chmod 4750 slide
X mv slide $(BINDIR)
END_OF_Makefile
if test 309 -ne `wc -c <Makefile`; then
echo shar: \"Makefile\" unpacked with wrong size!
fi
# end of overwriting check
fi
echo shar: End of archive 1 \(of 1\).
cp /dev/null ark1isdone
MISSING=""
for I in 1 ; do
if test ! -f ark${I}isdone ; then
MISSING="${MISSING} ${I}"
fi
done
if test "${MISSING}" = "" ; then
echo You have unpacked all 1 archives.
rm -f ark[1-9]isdone ark[1-9][0-9]isdone
else
echo You still need to unpack the following archives:
echo " " ${MISSING}
fi
## End of shell archive.
exit 0
--
Robert Diamond | UUCP: ...!rutgers!unirot!althea!diamond
| INTERNET: diamond@althea.rutgers.edu jackb@pbhyf.UUCP (Jack Bailey) (11/17/87)
What ever possessed you to post such a thing?
My opinion:
{
...
if(i_am_a_responsible_person && i_have_the_root_password)
i_dont_need_slide();
else if(i_know_something_about_unix) {
i_can_write_my_own();
get_root_password_once();
install_it_myself();
}
anybody_can_find_it();
too_bad();
exit(0);
}
--
J.J.Bailey {ihnp4,lll-crg,ames,pyramid}!ptsfa!jackb
"Basic research is what I'm doing when I don't know what I'm doing."brian@sdcsvax.UCSD.EDU (Brian Kantor) (11/17/87)
In article <223@althea.UUCP> rjd@althea.UUCP (Rob Diamond) writes: >This is slide, a little program I find very handy on the 3b1. It allows >selected users to become root without prompting for a password. You can >run slide with no arguments, in which case it invokes a shell ($SHELL) with >root permissions, or you can run it with arguments, in which case it runs >the arguments as a command line with root permissions. Sigh. And it's exactly the same as giving root a list of passwords instead of just one. See, if any of the villains out there manages to get the password of any of the users who can execute this program to become root, then they too can become root. And it's a trivial matter then to edit the password file, delete or change the root password, type rm -rf *, or any of those other wonderful things that villains do. From one point of view, having just one user who can run this decreases the security of your system by half. Perhaps it's worth it to you somehow. Brian Kantor UCSD Office of Academic Computing Academic Network Operations Group UCSD B-028, La Jolla, CA 92093 USA
rjd@althea.UUCP (Rob Diamond) (11/18/87)
In article <4309@sdcsvax.UCSD.EDU>, brian@sdcsvax.UCSD.EDU (Brian Kantor) writes: > In article <223@althea.UUCP> rjd@althea.UUCP (Rob Diamond) writes: > >This is slide, a little program I find very handy on the 3b1. It allows > >selected users to become root without prompting for a password. You can > >run slide with no arguments, in which case it invokes a shell ($SHELL) with > >root permissions, or you can run it with arguments, in which case it runs > >the arguments as a command line with root permissions. > > Sigh. And it's exactly the same as giving root a list of passwords > instead of just one. See, if any of the villains out there manages to > get the password of any of the users who can execute this program to > become root, then they too can become root. And it's a trivial matter > then to edit the password file, delete or change the root password, > type rm -rf *, or any of those other wonderful things that villains do. You're absolutely right. This can very easily be abused. That is why I put a warning on it. However, on yer-average 3b1 (UNIX PC) system, there will probably only be one user anyway. It's just kinda nice to slide in and out of root mode easily when you're doing adminstration-type-things. Rob. -- Robert Diamond | UUCP: ...!rutgers!unirot!althea!diamond | INTERNET: diamond@althea.rutgers.edu
mumble%karl@tut.cis.ohio-state.edu.UUCP (11/18/87)
rjd@althea.UUCP writes: This is slide, a little program I find very handy on the 3b1. It allows selected users to become root without prompting for a password. You worked much too hard at that. main (argc, argv) int argc; char *argv[]; { char *shell = getenv("SHELL"); setuid (0); setgid (0); execv ((shell ? shell : "/bin/csh"), argv); } This has the effect that calling this program (we call it "enable") isz done just as one would call a shell, e.g., "enable -fc 'chown username /File/Name'" does what you expect. Make it mode 04750, chown'd to root, and hide it in a directory of mode 0700 which is owned by a user who is allowed to use it. And then kill that user if he ever walks away from his terminal while logged in. Half :-). -=- Karl
tgr@picuxa.UUCP (Dr. Emilio Lizardo) (11/18/87)
In defense of slide -- I have an AT&T 3B2/300 which I use for some development and testing. I have "normal" logins which I use in the testing, and occasionally I need to become superuser to fix something. If slide means I don't have to key in the password, fine. I have not tested slide yet (have not even read the README), but I seem to recall from the header of the article that the author mentions (1) using this on a 3B1, which is probably used more often as a personal (i.e. single-user) computer, and (2) setting up group execute permissions to restrict access to slide. Like anything else -- if you don't like it, don't use it. If the intent of all the flames was to point out a security loophole for production systems, it could have been accomplished *much* more politely. -- Tom Gillespie ( ...ihnp4!picuxa!tgr) | (attmail!tgillespie) (201) 952-1178 AT&T/EDS Product Integration Center 299 Jefferson Rd. Parsippany NJ 07054 "Don't take life so serious ... it ain't nohow permanent." -- Walt Kelly
larry@kitty.UUCP (11/19/87)
In article <382@picuxa.UUCP>, tgr@picuxa.UUCP (Dr. Emilio Lizardo) writes: > In defense of slide -- I have an AT&T 3B2/300 which I use for some > development and testing. I have "normal" logins which I use in > the testing, and occasionally I need to become superuser to fix > something. If slide means I don't have to key in the password, fine. > ... There is an alternative to slide that was developed by the folks at State University of NY at Buffalo (sunybcs) called ``sudo''. This program runs on the UNIX-PC, 3B2's, NCR Towers, XENIX, and every System V version that I have laid my hands on. Sudo reads a protected file containing a list of permitted users AND the nature of commands which they are permitted to execute as superuser. This file can permit a user to execute all commands as superuser, or just particular designated commands. This is ideal for conveying "limited authority" - which is obviously not possible with regular su(1). All commands executed by sudo are logged to a log file, and all failures or unauthorized sudo attempts are logged to a fail.log file. I have uncovered no security problems with sudo in almost 3 years of use on a number of systems beyond the obvious of allowing a permitted user to be logged into an unattended terminal. The source to sudo was posted to unix-pc.sources a year or so ago, and may have been posted to comp.sources. Perhaps the kind folks at sunybcs will submit the source again if there was no submission to comp.sources. <> Larry Lippman @ Recognition Research Corp., Clarence, New York <> UUCP: {allegra|ames|boulder|decvax|rutgers|watmath}!sunybcs!kitty!larry <> VOICE: 716/688-1231 {hplabs|ihnp4|mtune|utzoo|uunet}!/ <> FAX: 716/741-9635 {G1,G2,G3 modes} "Have you hugged your cat today?"
davidsen@steinmetz.steinmetz.UUCP (William E. Davidsen Jr) (11/20/87)
I was glad to see slide posted. Any reasonable user does as little as
possible in root, and therefore may have to change fairly frequently. I
have a routine which lets me execute one command as anyone from my own
login, and it's a great timesaver.
For all of those who didn't like it, there were caveats with the
program, you don't have to use it, and why are you complaining about. I
hope to see more people posting, and some of the replys were less than
totally polite. If someone felt that additional warning was needed (and
that might be), it could have been done without making the poster feel
that the submission was unwanted.
My solution to the problem is to have a second login window and keep it
logged in as root *with a very different prompt*, not just "#", but
"Root>" and a bell. Annoying as hell, but a safty feature. I know some
people have had trouble with running multiple login windows, please
don't let's start that again.
--
bill davidsen (wedu@ge-crd.arpa)
{uunet | philabs | seismo}!steinmetz!crdos1!davidsen
"Stupidity, like virtue, is its own reward" -me