akbloom@oss670.UUCP (A. Keith Bloom) (10/20/90)
I am writing an application for Xenix SysV (release 2.2.3) in which a user (call him 'B') must be able to create files and sometimes directories which are to be owned by another user ('A'). B will not have general permission to write to A's directories, but must do so through a special program which will be SUID to A. Creating files is no problem, but Xenix has no "mkdir" system call, and the /bin/mkdir program loses the original effective UID because it is SUID to root.

So far I've thought of two methods for giving B the ability to create directories owned by A, without giving B the general ability to write to A's directories.

Method 1: write a specialized version of the /bin/mkdir program which will make the ownership and permissions what I wish them to be, have it run SUID root, and call it from my SUID-to-A program.

Method 2: the following Rube Goldbergish procedure (non-essential details are omitted):

    if (access(child_directory, 0) < 0) {
        if (chmod(parent_directory, 0775) < 0)  /* allow user to write to parent */
            return -1;
        switch (fork())  /* create child directory */
        {
        case (-1):
            return -1;
        case (0):
            execl("/bin/mkdir", "mkdir", child_directory, NULL);
            return -1;
        default:
            if (wait(&status) < 0 || status != 0)
                return -1;
            switch (fork())  /* must create another child process */
            {
            case (-1):
                return -1;
            case (0):  /* to keep effective uid same in parent */
                if (setuid(getuid()) < 0)  /* because chown checks effective uid */
                    exit(-1);
                if (chown(child_directory, DBADM_UID, DBADM_GID) < 0)
                    exit(-1);
                exit(0);  /* exit from child process */
            default:
                if (wait(&status) < 0 || status != 0)
                    return -1;
            }
        }
        if (chmod(parent_directory, 0755) < 0)  /* deny user write perm to parent */
            return -1;
    }

Method 2 works, and I'm not overly concerned about the possible security hole (method 1 also has one), but ... can anyone think of a better (simpler) way to do this?
--
UUCP:     ...!{rutgers|ames|uunet}!mimsy!woodb!akbloom
INTERNET: akbloom%woodb@mimsy.umd.edu
PHONE:    (301) 965-3066
Disclaimer: I do not speak for the Social Security Administration or any other government agency.
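As an added example, not code from the original post and not Xenix code: on a system that does have a mkdir(2) system call, a helper running SUID to A can reach the same end state (a directory owned by A under a parent B cannot otherwise write to) without the chmod window on the parent or the double fork, because mkdir(2) creates the directory with the caller's effective UID and the rest can be finished through a descriptor. The function name `make_owned_dir`, the final 0755 mode and the /tmp self-test path are assumptions.

```c
#define _GNU_SOURCE 1           /* for O_DIRECTORY, O_NOFOLLOW, mkdtemp */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `path` as a 0755 directory owned by owner:group ((uid_t)-1 and
 * (gid_t)-1 keep the creator's ids).  Returns 0, or -1 on any failure. */
int make_owned_dir(const char *path, uid_t owner, gid_t group)
{
    struct stat st; int fd, saved;
    /* mkdir(2) refuses anything already at `path` (EEXIST), and mode 0700
     * keeps other users out until ownership and mode are final. */
    if (mkdir(path, 0700) < 0)
        return -1;
    /* Open the directory itself; O_NOFOLLOW rejects a symlink swapped in
     * by a parent-writer between the mkdir and the open. */
    if ((fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW)) < 0)
        return -1;
    /* Check it is a directory our effective UID created, then finish via
     * the descriptor so a rename in the parent cannot retarget the chown. */
    if (fstat(fd, &st) < 0 || !S_ISDIR(st.st_mode) || st.st_uid != geteuid()
        || fchown(fd, owner, group) < 0 || fchmod(fd, 0755) < 0) {
        saved = errno; close(fd); errno = saved; return -1;
    }
    return close(fd);
}

/* Self-test in a fresh mkdtemp parent: 0 on success, else a negative step
 * number.  Keeps the caller's ids so it runs unprivileged; a SUID-to-A
 * helper would pass A's uid and gid instead. */
int self_test(void)
{
    char parent[] = "/tmp/ownedXXXXXX", child[64];
    struct stat st; int rc = 0;
    if (mkdtemp(parent) == NULL)
        return -1;
    snprintf(child, sizeof child, "%s/sub", parent);
    if (make_owned_dir(child, (uid_t)-1, (gid_t)-1) != 0)
        rc = -2;
    else if (stat(child, &st) < 0 || (st.st_mode & 07777) != 0755)
        rc = -3;
    else if (make_owned_dir(child, (uid_t)-1, (gid_t)-1) == 0 || errno != EEXIST)
        rc = -4;                            /* re-creating must be refused */
    rmdir(child);
    rmdir(parent);
    return rc;
}
```

In a helper whose effective UID is already A, the directory belongs to A as soon as mkdir(2) returns, so the fchown only pins the intended group; the parent's permissions are never widened, which removes the window Method 2 opens with chmod(parent, 0775).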