>>>>> "Sachin" == Sachin Punadikar <[EMAIL PROTECTED]> writes:
Sachin> Hi Tom, Sachin> I implemented the changes suggested by you for "MIT krb5 Security Advisory Sachin> 2006-001" in the ksu utility. I am always observing below message when I Sachin> exit from the ksu shell. I tested it on AIX and Linux. Behavior is same. Sachin> ------------------------------------------ Sachin> # ksu tester Sachin> Changing uid to tester (333) Sachin> # exit Sachin> exit Sachin> ksu: Operation not permitted while returning to source uid for destroying Sachin> ccache Sachin> ------------------------------------------- Sachin> Code study shows that this is the new message being added for the security Sachin> advisory 2006-001. Further I found out that, from the sweep_up function, Sachin> krb5_seteuid(0) always fails. Ands that why I am getting this message. As a Sachin> side effect it leaves around the cred cache file, exits without destroying Sachin> it. Sachin> --- src/clients/ksu/main.c----- Sachin> if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) { Sachin> com_err(prog_name, errno, Sachin> "while returning to source uid for destroying ccache"); Sachin> exit(1); Sachin> } Sachin> ------------------------------------------ Sachin> Is this a expected behavior? Could you please provide inputs regarding why Sachin> we are calling krb5_seteuid(0) ? Is it supposed to succeed at any point of Sachin> time ? If not is it good idea to remove this call ? This sounds like a bug in the patch. Try moving the krb5_seteuid(0) call to before the if-statement (so its return value gets ignored... this is safe for seteuid(0) but not for seteuid(not_zero)). I think the krb5_seteuid(0) call is to change back to UID 0 if that is required (on some systems) for changing back to the original target UID. ---Tom ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos