tholm@uvicctr.UUCP (Terrence W. Holm) (06/02/88)
EFTH Minix report #15 - June 1988 - su(1) and the environment This is a modified su(1) that properly passes the environment. Note: putenv(3) must be installed (see EFTH report #2). A "man" page is included. echo x - su.1 gres '^X' '' > su.1 << '/' XNAME X su(1) - superimpose another user's shell X XSYNOPSIS X su [ username ] X XDESCRIPTION X This performs a log-in of another user, a new process is X used for the appropriate shell. Your current shell is not X destroyed, as occurs when using login(1). X X If "username" is not given it defaults to "root" (the super- X user). A password will be asked for if "username" requires one. X X The group and user id are changed for the new username. X The environment entries $HOME and $SHELL are set up according X to the new username's entry in the password file, but the X rest of the environment is passed untouched. The current X directory is not changed. X XFILES X /etc/passwd X XSEE ALSO X login(1) / echo x - su.c gres '^X' '' > su.c << '/' X/* su - become super-user Author: Patrick van Kleef */ X X/* Modified to set up HOME and SHELL in the environment, and pass */ X/* the rest of the environment to the new shell. 1987-Oct-7 EFTH */ X X#include "sgtty.h" X#include "stdio.h" X#include "pwd.h" X Xextern char **environ; X Xchar *malloc(); X X Xmain (argc, argv) Xint argc; Xchar *argv[]; X{ X register char *name; X char *crypt (); X char *shell = "/bin/sh"; X char *_home, *_shell; X int nr; X char password[14]; X struct sgttyb args; X register struct passwd *pwd; X struct passwd *getpwnam (); X X if (argc > 1) X name = argv[1]; X else X name = "root"; X X if ((pwd = getpwnam (name)) == 0) { X std_err("Unknown id: "); X std_err(name); X std_err("\n"); X exit (1); X } X X if (pwd->pw_passwd[0] != '\0' && getuid()!= 0) { X std_err("Password: "); X ioctl (0, TIOCGETP, &args); /* get parameters */ X args.sg_flags = args.sg_flags & (~ECHO); X ioctl (0, TIOCSETP, &args); X nr = read (0, password, 14); X password[nr - 1] = 0; X putc('\n',stderr); X args.sg_flags = args.sg_flags | ECHO; X ioctl (0, TIOCSETP, &args); X if (strcmp (pwd->pw_passwd, crypt (password, pwd->pw_passwd))) { X std_err("Sorry\n"); X exit (2); X } X } X setgid (pwd->pw_gid); X setuid (pwd->pw_uid); X if (pwd->pw_shell[0]) X shell = pwd->pw_shell; X X /* Set up HOME and SHELL in the environment */ X X _home = malloc( strlen(pwd->pw_dir) + 6 ); X strcpy( _home, "HOME=" ); X strcat( _home, pwd->pw_dir ); X putenv( _home ); X X _shell = malloc( strlen(shell) + 7 ); X strcpy( _shell, "SHELL=" ); X strcat( _shell, shell ); X putenv( _shell ); X X execle( shell, shell, (char *) 0, environ ); X std_err("No shell\n"); X exit (3); X} / -------------------------------------------------------------------- Edwin L. Froese uw-beaver!ubc-cs!mprg!handel!froese Terrence W. Holm {uw-beaver,ubc-cs}!uvicctr!sirius!tholm
dieter flunkert <d_flunkert@cen.jrc.it> (04/11/91)
Hey all, I have a question concerning su. If I use su which is on my harddisk it works fine. But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes for the password, but after typing in the right one, I'm still not root. Any ideas? Dieter Dieter Flunkert d_flunkert@cen.jrc.it
v882087@si.hhs.nl (04/12/91)
In article <9104111843.AA03888@mcsun.EU.net> you write: >I have a question concerning su. If I use su which is on my harddisk it works > fine. >But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes >for the password, but after typing in the right one, I'm still not root. >Any ideas? Yes, su must have the setuid bit on (rwsr-xr-x) to enable it to work. this can be done be chmod-ing it with mode 4755 (the 4 sets the s-bit). Your welcome, -- | | / Hans Voss <v882087@si.hhs.nl> |___| / Parkweg 200 +--------------------------------------------- | | / 3134 VS VLAARDINGEN | "Wow" -- Zaphod Beeblebrox | |/ The Netherlands |
HBO043%DJUKFA11.BITNET@cunyvm.cuny.edu (Christoph van Wuellen) (04/12/91)
Copying su removes the suid bit. C.v.W.
adrie@philica.ica.philips.nl (Adrie Koolen) (04/12/91)
In article <50417@nigel.ee.udel.edu> d_flunkert@cen.jrc.it (dieter flunkert) writes: >Hey all, >I have a question concerning su. If I use su which is on my harddisk it works fine. >But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes >for the password, but after typing in the right one, I'm still not root. >Any ideas? su should be owned by root and should be setuid. Only a root process can change its user ID. So you should login as root, then copy su and set the setuid bit: # cp /usr/bin/su /tmp # chmod u+s /tmp/su Then it should work. Adrie Koolen (adrie@ica.philips.nl) Philips Innovation Centre Aachen
cla@dobag.in-berlin.de (Christian Lampl) (04/12/91)
dieter flunkert <d_flunkert@cen.jrc.it> writes: >Hey all, >I have a question concerning su. If I use su which is on my harddisk it works fine. >But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes >for the password, but after typing in the right one, I'm still not root. >Any ideas? >Dieter >Dieter Flunkert d_flunkert@cen.jrc.it Try : $ cd /tmp $ chmod 4755 su That must be all !!! -- cla@dobag.in-berlin.de |-An optimist believes we live in the best world | Christian Lampl | possible; a pessimist fears this is true !! | Berlin, Germany |-There are no bugs, only unrecognized features !! |
jac@dobag.in-berlin.de (Joerg Conradt) (04/13/91)
cla@dobag.in-berlin.de (Christian Lampl) writes: >dieter flunkert <d_flunkert@cen.jrc.it> writes: >>Hey all, >>I have a question concerning su. If I use su which is on my harddisk it works fine. >>But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes >>for the password, but after typing in the right one, I'm still not root. >>Any ideas? >>Dieter >>Dieter Flunkert d_flunkert@cen.jrc.it >Try : >$ cd /tmp >$ chmod 4755 su >That must be all !!! >Christian Lampl UUCP: cla@dobag.in-berlin.de Oh no, Christian!!!!!! Of course you first have to change dir. to /tmp and then exec the chmod command! Though a correct way to make it work would be: <Log in as root> cd /tmp chmod 4755 su exit After this it will work. The chmod command sets the s-bit, which makes the user running the su-command root, and you have to be root if you want to change your userid or groupid! Otherwise every user could do so and there is no bit of system-security!!! Cheers Joerg -- UUCP: jac@dobag.in-berlin.de | - The number of viewers watching you is Alias Joerg Conradt | proportional to the stupidity of your 1000 Berlin 41 Germany | action. ++ 0307958397 | - "Murphy was an optimist"
cla@dobag.in-berlin.de (Christian Lampl) (04/13/91)
jac@dobag.in-berlin.de (Joerg Conradt) writes: >cla@dobag.in-berlin.de (Christian Lampl) writes: >>dieter flunkert <d_flunkert@cen.jrc.it> writes: >>>Hey all, >>>I have a question concerning su. If I use su which is on my harddisk it works fine. >>>But if I use the copy I have on /tmp on the ram disk, it doesn't work. It askes >>>for the password, but after typing in the right one, I'm still not root. >>>Any ideas? >>>Dieter >>>Dieter Flunkert d_flunkert@cen.jrc.it >>Try : >>$ cd /tmp >>$ chmod 4755 su >>That must be all !!! >>Christian Lampl UUCP: cla@dobag.in-berlin.de >Oh no, Christian!!!!!! >Of course you first have to change dir. to /tmp and then exec the chmod >command! Though a correct way to make it work would be: I did it !!! ><Log in as root> >cd /tmp >chmod 4755 su >exit >After this it will work. The chmod command sets the s-bit, which makes the >user running the su-command root, and you have to be root if you want to >change your userid or groupid! Otherwise every user could do so and there >is no bit of system-security!!! >Cheers Joerg That's true !! I forgot to write it down !! Sorry !! Bye Christian !!! -- cla@dobag.in-berlin.de |-An optimist believes we live in the best world | Christian Lampl | possible; a pessimist fears this is true !! | Berlin, Germany |-There are no bugs, only unrecognized features !! |
v882252@si.hhs.nl (04/18/91)
About a working su: So no forget to make 'root' the owner of '/tmp/su', either by copying the executable as root, or chown (change owner) root /bin/su. *Lugt
v882252@si.hhs.nl (04/18/91)
Do not forget the most important aspect of this (patented) suiding; the owner of /tmp/su must be 'root'! *lugt
v882252@si.hhs.nl (04/18/91)
About chmodding a copy of su in /tmp: Do not forget to CHOWN the file ! So: chmod ... chown root /tmp/su Forgetting this may result in about 24MB of junk-mail in News, i'm afraid. *lugt
v882252@si.hhs.nl (04/18/91)
You're only the 215th person I'm telling (follow-ups are not yet allowed from our network ... insi) that a 'chown root /tmp/su' is also quite necessary... See? *lugt