Newsgroups: comp.sys.3b1
Path: utzoo!utgpu!cunews!micor!latour!ecicrl!clewis
From: clewis@ferret.ocunix.on.ca (Chris Lewis)
Subject: Re: COPS security audit and the unix pc.
Message-ID: <1991Apr07.040225.5403@ferret.ocunix.on.ca>
Date: Sun, 07 Apr 91 04:02:25 GMT
References: <563@iczer-1.UUCP> <1991Apr03.201214.8915@ferret.ocunix.on.ca> <580@iczer-1.UUCP>
Organization: Elegant Communications Inc, Ottawa, Canada

In article <580@iczer-1.UUCP> emm@iczer-1.UUCP (Edward M. Markowski) writes:
>In article <1991Apr03.201214.8915@ferret.ocunix.on.ca> clewis@ferret.ocunix.on.ca (Chris Lewis) writes:
>|In article <563@iczer-1.UUCP> emm@iczer-1.UUCP (Edward M. Markowski) writes:
>|It's in the defs.h for B news. However, it won't work on System V systems
>|because of the way setuid/setgid programs, setuid()/setgid() and mkdir
>|work (as in, if a setuid program calls mkdir, the directory ends up
>|being owned by the real user, not the effective; rnews can't write
>|into it, and there's no "elegant" way around it in System V). Which is why
>|C-news goes to all of the kludgey junk for the "setnewsids" program which
>|runs as setuid root to run relaynews properly.
>|Bnews has no such kludge, though you could retrofit setnewsids if you wanted.
>It works here. I have a 3B1, which is running System V, and I do not seem
>to have that problem.

I just went back and ran some tests with 2.11 PL 19. And sure nuff, it does
work. It didn't work back in 2.10.x days, which I guess is why I thought it
still didn't in 2.11.

It works by chmod 777'ing the parent, mkdir'ing the directory (owned by the
real id, not news), then "giving it away" to news and then resetting the
parent. Urgh. Still wouldn't work in some versions of UNIX (e.g. V7, where
chown is usually disabled). This mechanism wouldn't work in BSD, but in BSD
you can setuid(geteuid()).

C-news uses a simpler approach by doing a setuid(geteuid()) on all of
relaynews, which can't be done on System V, so the setnewsids program does it
as setuid root (via an equivalent of setuid(getpwnam("news")->pw_uid)) and
then exec's relaynews.
-- 
Chris Lewis, clewis@ferret.ocunix.on.ca or ...uunet!mitel!cunews!latour!ecicrl!clewis
Psroff support: psroff-request@eci386.uucp, or call 613-832-0541 (Canada)
**** somebody's mailer is appending .bitnet to my From: address. If you see
this, please use the address in the signature, and send me a copy of the
headers of the mail message with the .bitnet return address. Thanks!
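The "give it away" sequence Chris describes (chmod 777 the parent, mkdir, chown the new directory to news, reset the parent) as an added C example; this is not B news code or code from the post. The function names and the /tmp scratch directory are assumptions, and the self-check hands the directory to the caller's own uid, since a real chown to news only succeeds under the System V unrestricted-chown rule or as root (exactly the portability caveat the post raises for V7 and BSD).

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* B news style "give it away" mkdir for a setuid program on a System V kernel,
 * where mkdir() leaves the new directory owned by the REAL uid. Returns 0 or
 * -1 (errno set); the parent's mode is restored on every exit path. */
int mkdir_giveaway(const char *parent, const char *name,
                   uid_t owner, gid_t group, mode_t dirmode)
{
    struct stat st;
    char path[4096];
    int rc = -1, err = 0;
    if (stat(parent, &st) == -1)
        return -1;
    if (snprintf(path, sizeof path, "%s/%s", parent, name) >= (int)sizeof path)
        return errno = ENAMETOOLONG, -1;
    if (chmod(parent, 0777) == -1)              /* 1: let the real uid create */
        return -1;
    if (mkdir(path, dirmode) == -1)             /* 2: owned by getuid() on SysV */
        err = errno;
    else if (chown(path, owner, group) == -1) { /* 3: give it away to "news" */
        err = errno;
        rmdir(path);                            /* chown refused: don't leave it */
    } else
        rc = 0;
    if (chmod(parent, st.st_mode & 07777) == -1 && rc == 0) /* 4: reset parent */
        rc = -1;
    else if (rc == -1)
        errno = err;
    return rc;
}

/* Self-check in a scratch directory with owner == getuid(), so the chown is a
 * no-op any uid may do (giving it to "news" needs SysV chown rules or root). */
int giveaway_selfcheck(void)
{
    char tmpl[] = "/tmp/giveawayXXXXXX", sub[4200], *parent = mkdtemp(tmpl);
    struct stat st;
    if (!parent || chmod(parent, 0755) == -1) return 1;
    snprintf(sub, sizeof sub, "%s/spool", parent);
    if (mkdir_giveaway(parent, "spool", getuid(), getgid(), 0750) == -1) return 2;
    if (stat(sub, &st) == -1 || !S_ISDIR(st.st_mode) || st.st_uid != getuid()) return 3;
    /* a repeat must fail with EEXIST, and the parent must be 0755 again */
    if (mkdir_giveaway(parent, "spool", getuid(), getgid(), 0750) == 0 || errno != EEXIST) return 4;
    if (stat(parent, &st) == -1 || (st.st_mode & 07777) != 0755) return 5;
    rmdir(sub); rmdir(parent); return 0;
}
```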