[comp.unix.questions] again

arrom@aplcen.apl.jhu.edu (Ken Arromdee) (04/17/89)

Something I posted twice before.  The first time it didn't get out of jhunix
(at least, I got no responses, and I couldn't see it on aplcen).  The second
I posted to unix.wizards, realized my mistake, made another posting stating I
meant to post it to this group instead, and somehow never actually got around
to posting it here.  But anyway, here's my problem; can anyone solve it?
--------------------------------------------------------------
I have a program which is run setuid.  I want to set the uid back to the
original before exec'ing a shell.  It doesn't work.  The following illustrates
the problem (it's run on an AT&T 3B4000 with SYSV).  (uids is just a small
program to print out one's real and effective uids).
--------------------------------------------------------------
% uids
Real: user 7943 (ins_akaa), group 2048
Effective: user 7943 (ins_akaa), group 2048
% cd /s/adev/src/h/src
% cat test.c
extern unsigned short getuid();
extern unsigned short geteuid();

main()
{
        printf("Before setuid(getuid())\n");
        printf("Real UID=%d; effective UID=%d\n",
                (int)getuid(), (int)geteuid());
        setuid(getuid());
        printf("After setuid(getuid())\n");
        printf("Real UID=%d; effective UID=%d\n",
                (int)getuid(), (int)geteuid());
        execl("/bin/sh", "sh", 0);
}
% ls -l a.out
-rwsr-xr-x   1 adev     210        19905 Apr 10 23:10 a.out*
% a.out
Before setuid(getuid())
Real UID=7943; effective UID=210
After setuid(getuid())
Real UID=7943; effective UID=7943
% uids
Real: user 7943 (ins_akaa), group 2048
Effective: user 210 (adev), group 2048
% % 
--------------------------------------------------------------
Note that setuid(getuid()) seems to work, but the effective uid somehow gets
set back when I do the execl().
--
               EARTH          |       --Kenneth Arromdee
           smog  |   bricks   |      UUCP: ....!jhunix!ins_akaa
        AIR     mud       FIRE|  INTERNET: arromdee@crabcake.cs.jhu.edu
      soda water |   tequila  |    BITNET: g49i0188@jhuvm
               WATER          |(please, no mail to arrom@aplcen)
Element chart from "Science Made Stupid".  (The chart seems rather popular...)

jiii@visdc.UUCP (John E Van Deusen III) (04/18/89)

In article <1051@aplcen.apl.jhu.edu> (Ken Arromdee (600.429)) writes:
>
> I have a program which is run setuid.  I want to set the uid back to
> the original before exec'ing a shell.
>--------------------------------------------------------------
> extern unsigned short getuid();
> ...
>
>        setuid(getuid());

You have declared getuid() to return an unsigned short.  Setuid expects
its argument to be an int.  Lint(1) complains.
--
John E Van Deusen III, PO Box 9283, Boise, ID  83707, (208) 343-1865

uunet!visdc!jiii

arrom@aplcen.apl.jhu.edu (Ken Arromdee) (04/19/89)

>You have declared getuid() to return an unsigned short.  Setuid expects
>its argument to be an int.  Lint(1) complains.
>John E Van Deusen III, PO Box 9283, Boise, ID  83707, (208) 343-1865

I just tried it again, only adding a cast to int.  The same problem happened.
This was expected, since C (at least pre-ANSI) widens arguments of short to int.
Thus, setuid would be getting an int anyway, despite the fact that I omitted
the cast.
--
"But then, two Dr. McCoy's just might bring the level of medical efficiency on
this ship up to acceptable levels."

Kenneth Arromdee (UUCP: ....!jhunix!ins_akaa; BITNET: g49i0188@jhuvm;
     INTERNET: arromdee@crabcake.cs.jhu.edu) (please, no mail to arrom@aplcen)

kucharsk@uts.amdahl.com (William Kucharski) (04/19/89)

In article <510@visdc.UUCP> jiii@visdc.UUCP (John E Van Deusen III) writes:
 >In article <1051@aplcen.apl.jhu.edu> (Ken Arromdee (600.429)) writes:
 >> extern unsigned short getuid();
 >> ...
 >>
 >>        setuid(getuid());
 >
 >You have declared getuid() to return an unsigned short.  Setuid expects
 >its argument to be an int.  Lint(1) complains.

BSD getuid() returns an int.  SYSV getuid() returns an unsigned short.

-- 
					William Kucharski

ARPA: kucharsk@uts.amdahl.com
UUCP: ...!{ames,decwrl,sun,uunet}!amdahl!kucharsk

Disclaimer:  The opinions expressed above are my own, and may not agree with
	     those of any other sentient being, not to mention those of my 
	     employer.  So there.

jiii@visdc.UUCP (John E Van Deusen III) (04/21/89)

In article <1066@aplcen.apl.jhu.edu> Ken Arromdee writes:
> ... [In article <510@visdc.UUCP> John E Van Deusen III writes:] 
>> You have declared getuid() to return an unsigned short.  Setuid
>> expects its argument to be an int.  Lint(1) complains.
>
> I just tried it again, only adding a cast to int.  The same problem
> happened.  This was expected, since C (at least pre-ANSI) widens
> arguments of short to int.  Thus, setuid would be getting an int
> anyway, despite the fact that I omitted the cast.

For the record, if getuid() returned type short it would be converted to
type int when being evaluated as a function parameter, and lint(1) would
not complain.  Since it is of type unsigned short, it is converted to
unsigned int, and that is not the same thing.

I did not mean to imply that the type cast alone would solve the
problem.  I just thought that fixing the program to pass lint(1) would
prove beneficial in debugging it.  The second thing that lint(1) says
about the program is that setuid(2) returns a value that is ALWAYS
ignored.  Since setuid(2) returns -1 and sets errno upon detection of an
error, isn't that return value of some interest in solving this problem?
Probably not in reality.  When this problem was posted to
comp.unix.wizards, article <470@holin.ATT.COM> by bes@holin.ATT.COM was
posted in reply:
	...
	I tried it (wrote a uids program) and did not see this result
	on a 3B4000 running 3.1.5 release of UNIX.
	-- 
	Bradley Smith
	Computer Systems Offer Integration Laboratory
---->	AT&T Bell Labs, Holmdel, NJ 
|	201-949-0090 att!holin!bes or bes@holin.ATT.COM
|
I would tend to believe that the program works.  So what's left?  Is it
possible that in all of the machinations of program development,
Mr. Arromdee has ended up with a version of his own utility program for
determining the user id, uids, that has the setuid bit set?
--
John E Van Deusen III, PO Box 9283, Boise, ID  83707, (208) 343-1865

uunet!visdc!jiii
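
The point raised above about the ignored setuid(2) return value, as an added example that is not part of any post in this thread: a checked version of the drop-then-exec step from test.c. drop_privileges() is a hypothetical helper; the group handling and the attempt to regain the old effective uid (which succeeds on systems that keep a saved set-user-ID) go beyond what the thread discusses and are not offered as its diagnosis.

```c
/* Added example, not code from the thread. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: give up set-uid/set-gid privilege for good.
 * Returns 0 on success, -1 if any step failed or could be undone. */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the uid drop we may no longer be allowed to. */
    if (setgid(rgid) != 0) { perror("setgid"); return -1; }
    if (setuid(ruid) != 0) { perror("setuid"); return -1; }

    /* Do not trust the return value alone; read the ids back. */
    if (getuid() != ruid || geteuid() != ruid) return -1;
    if (getgid() != rgid || getegid() != rgid) return -1;

    /* If a saved set-user-ID still holds old_euid, these calls succeed,
     * which means the drop was only temporary. */
    if (old_euid != ruid && seteuid(old_euid) == 0) return -1;
    if (old_egid != rgid && setegid(old_egid) == 0) return -1;
    return 0;
}

int main(void)
{
    if (drop_privileges() != 0) {
        fprintf(stderr, "privilege drop failed; not starting a shell\n");
        return EXIT_FAILURE;
    }
    printf("Real UID=%ld; effective UID=%ld\n",
           (long)getuid(), (long)geteuid());
    execl("/bin/sh", "sh", (char *)NULL);
    perror("execl");            /* only reached if exec failed */
    return EXIT_FAILURE;
}
```

The program refuses to exec the shell unless every check passes, so a failed or reversible drop shows up as an error message instead of a shell running with the file owner's uid.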

arrom@aplcen.apl.jhu.edu (Ken Arromdee) (04/22/89)

>I would tend to believe that the program works.  So what's left?  Is it
>possible that in all of the machinations of program development,
>Mr. Arromdee has ended up with a version of his own utility program for
>determining the user id, uids, that has the setuid bit set?

No.

If you look closely at what I posted, you can see that I also executed
"uids" BEFORE running the test program, and it didn't say it was setuid
then; it only did so afterwards.

Besides, I tested some operations requiring the second uid's permission to
perform, and I was allowed to perform them.
--
"But then, two Dr. McCoy's just might bring the level of medical efficiency on
this ship up to acceptable levels."

Kenneth Arromdee (UUCP: ....!jhunix!ins_akaa; BITNET: g49i0188@jhuvm;
     INTERNET: arromdee@crabcake.cs.jhu.edu) (please, no mail to arrom@aplcen)