rrr@u02.svl.cdc.com (Rich Ragan) (11/28/90)
I have built a mail gateway into a proprietary mail system in Perl and now I want to have it run with root privilege so things like the "From" user supplied by the gateway are believed by sendmail. As you may have surmised from the subject perl won't let me do it directly. I have undump source but it looks like it will be non-trivial to get it running under a Mips RiscOS derived system. I got the Mips version of unexec.c and rebuilt Perl with Tom Christiansen's UNEXEC code activated. This dumps a file for me but executing it gives me a "Killed" message and dbx complains that there is no start address. The third alternative suggested by Perl is a C-wrapper. Has anyone done one of these they could send me or point me to? Failing that, any suggestions on how to get further with undump or unexec. Thanks -- -- Richard R. Ragan rrr@svl.cdc.com (408) 496-4340 Control Data Corporation--Silicon Valley Operations
tchrist@convex.COM (Tom Christiansen) (11/29/90)
In article <28891@shamash.cdc.com> rrr@svl.cdc.com writes: >I have built a mail gateway into a proprietary mail system >in Perl and now I want to have it run with root privilege so >things like the "From" user supplied by the gateway are >believed by sendmail. As you may have surmised from the subject >perl won't let me do it directly. I have undump source but >it looks like it will be non-trivial to get it running under >a Mips RiscOS derived system. I got the Mips version of >unexec.c and rebuilt Perl with Tom Christiansen's UNEXEC code >activated. This dumps a file for me but executing it gives >me a "Killed" message and dbx complains that there is no start >address. The third alternative suggested by Perl is a >C-wrapper. Has anyone done one of these they could send me >or point me to? Failing that, any suggestions on how to get >further with undump or unexec. Well, I'm sorry to hear about your experiences with unexec(). My question is: does it work under GNU emacs on your platform? It sounds like the code is running but somehow not setting the start address. I would go take a look at the source code for the emacs operating system and see how it's calling unexec on your platform, assuming that you've got the clone emacs thing working. But you shouldn't need unexec or undump for this. A wrapper is pretty easy. Let's say your script is called /foo/bar/runme; then just do this: % su # cd /foo/bar # mv runme .runme.real # cat > runme.c # real programmers write programs with cat :-) main(ac,av) char **av; { execv("/foo/bar/.runme.real", av); perror("/foo/bar/.runme.real"); exit(1); } ^D # cc runme.c -o runme # chmod 4711 runme Now this way the suid bit is on the a.out, not the script, so it should be ok even if your kernel has suid scripts disabled. You'll have to make your script acceptable to taintperl, which taint always easy. And of course, the regular caveats on suid programs apply. Run with least possible privilege. I'll bet daemon would work in this case; check your sendmail.cf if you have one and see what the /^T(\w+)/ users are (they're trusted). If daemon is one of them, programs running as daemon may day they're whoever they want to be. --tom