On Tue, Oct 23, 2007 at 09:09:04PM +0100, Adam J Richardson wrote: > Christopher Cowart wrote: >> Unless you can find some local privilege escalation exploit, I'm >> thinking you're stuck. You can probably fix it in single-user mode: >> * Reboot >> * Pick single user mode from the boot menu >> * Accept the default shell >> $ fsck -p >> $ mount -u / >> $ mount -a -t ufs >> $ chown root /usr/bin/su >> But if the command above ran to completion, you probably have a mess of >> permissions on your filesystem. You may want to look into rebuilding / >> reinstalling world while you're in single. > > What about going to single user mode and editing /etc/passwd so the "root" > line has the username "uname"? Or add user "uname" with UID 0?
The chown command would have looked up "uname" via libnss and used the numeric UID to alter the filesystem entries. The most you could do here is change the symbolic name for the "uname" user and make the ls -l output look different. Either way, you're stuck with the files on the filesystem not being owned by UID 0. I would highly recommend not mucking with /etc/passwd and letting rebuild world fix things. -- Chris Cowart Lead Systems Administrator Network & Infrastructure Services, RSSP-IT UC Berkeley
pgp7j5Q3F2IX7.pgp
Description: PGP signature