Re: [Cooker] kppp and suid
, 16 2003, 20:13, Olivier Blin :
> Hi
>
> kppp has root suid, is it really necessary ?
> pppd has already root suid, shouldn't it be enough ?

no, since kppp needs to write into /etc/ppp/*

--
- diego
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
Re: [Cooker] kppp and suid
On Saturday 16 August 2003 19:51, Diego Iastrubni wrote:
> > Hi
> >
> > kppp has root suid, is it really necessary ?
> > pppd has already root suid, shouldn't it be enough ?
>
> no, since kppp needs to write into /etc/ppp/*

what about using a group for this ?
/etc/ppp/ could be group writeable, and kppp sgid to this group.

--
Michal Scherer
Re: [Cooker] kppp and suid
On Saturday, 16 August 2003 19:13, Olivier Blin wrote:
> Hi
>
> kppp has root suid, is it really necessary ?
> pppd has already root suid, shouldn't it be enough ?

pppd setuid root = pppd has access to all files it needs as well as devices and is able to set the route

kppp setuid root = using pppd as you were root, needed since using pppd as user you have only limited access to pppd. You can only dial with peerscripts and not set privileged options.

So kppp not running setuid root would result in not being able to use it at all.

Steffen
Re: [Cooker] kppp and suid
, 16 2003, 21:25, Steffen Barszus :
> On Saturday, 16 August 2003 19:13, Olivier Blin wrote:
> > Hi
> >
> > kppp has root suid, is it really necessary ?
> > pppd has already root suid, shouldn't it be enough ?
>
> pppd setuid root = pppd has access to all files it needs as well as devices and is able to set the route
>
> kppp setuid root = using pppd as you were root, needed since using pppd as user you have only limited access to pppd. You can only dial with peerscripts and not set privileged options.
>
> So kppp not running setuid root would result in not being able to use it at all.
>
> Steffen

but if kppp is run as normal user, and then it invokes pppd which is suid root, then pppd will become root no?

--
- diego
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
Re: [Cooker] kppp and suid
On Saturday, 16 August 2003 21:20, Diego Iastrubni wrote:
> , 16 2003, 21:25, Steffen Barszus :
> > On Saturday, 16 August 2003 19:13, Olivier Blin wrote:
> > > Hi
> > >
> > > kppp has root suid, is it really necessary ?
> > > pppd has already root suid, shouldn't it be enough ?
> >
> > pppd setuid root = pppd has access to all files it needs as well as devices and is able to set the route
> >
> > kppp setuid root = using pppd as you were root, needed since using pppd as user you have only limited access to pppd. You can only dial with peerscripts and not set privileged options.
> >
> > So kppp not running setuid root would result in not being able to use it at all.
> >
> > Steffen
>
> but if kppp is run as normal user, and then it invokes pppd which is suid root, then pppd will become root no?

What I mean is the following (man pppd):

    As indicated above, some security-sensitive options are privileged, which means that they may not be used by an ordinary non-privileged user running a setuid-root pppd, either on the command line, in the user's ~/.ppprc file, or in an options file read using the file option. Privileged options may be used in /etc/ppp/options file or in an options file read using the call option. If pppd is being run by the root user, privileged options can be used without restriction.

If pppd is setuid root it has access as if it is root, but it is not run as if root has started it.

Steffen
Re: [Cooker] kppp and suid
> > kppp has root suid, is it really necessary ?
> > pppd has already root suid, shouldn't it be enough ?
>
> no, since kppp needs to write into /etc/ppp/*

Does it really need to write there ?
No way to use ~/.ppprc only ?

I've noticed that all dialers use /var/lock/LCK..ttyS? files. So they must be run as root. This prevents for example wvdial to be run as non-root user.

--
Olivier Blin
Re: [Cooker] kppp and suid
On Saturday, 16 August 2003 22:37, Olivier Blin wrote:
> > > kppp has root suid, is it really necessary ?
> > > pppd has already root suid, shouldn't it be enough ?
> >
> > no, since kppp needs to write into /etc/ppp/*
>
> Does it really need to write there ?
> No way to use ~/.ppprc only ?
>
> I've noticed that all dialers use /var/lock/LCK..ttyS? files. So they must be run as root. This prevents for example wvdial to be run as non-root user.

Well nothing to discuss here.

pppd running as root != pppd running by root

The only way to dial up for user is to use peer scripts and having pppd setuid root. This way pppd can be started by user, since pppd call name is not a privileged option. :)

Steffen
Re: [Cooker] kppp and suid
> pppd running as root != pppd running by root

yes

> The only way to dial up for user is to use peer scripts and having pppd setuid root. This way pppd can be started by user, since pppd call name is not a privileged option. :)

It seems that pppd can't be run as non-root user. I've tried and pppd writes the following to syslog:

    /usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not setuid-root

But pppd is setuid root ...

    $ ls -l /usr/sbin/pppd
    -rwsr-xr-t 1 root root 221656 aoû 13 12:03 /usr/sbin/pppd

--
Olivier Blin
Re: [Cooker] kppp and suid
> It seems that pppd can't be run as non-root user. I've tried and pppd writes the following to syslog:
>
>     /usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not setuid-root

Errm, perhaps I was wrong, I tried to set device on pppd command line ...

But a strace on pppd gave this :

    geteuid32() = 501
    write(2, /usr/sbin/pppd: must be root to ..., 80/usr/sbin/pppd: must be root to run /usr/sbin/pppd, since it is not setuid-root

Shouldn't geteuid32() return 0 since geteuid() returns the effective user ID of the current process. The effective ID corresponds to the set ID bit on the file being executed, so root with pppd.

--
Olivier Blin
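
The distinction the thread arrives at ("running as root" is the effective UID, "run by root" is the real UID) and the privileged-option rule from the quoted man page excerpt, modelled in C as an added example; it is not code from pppd or from any poster. The enum values and the functions `can_start`, `source_is_trusted` and `option_allowed` are hypothetical names chosen for this sketch.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Option sources named in the man page excerpt quoted in the thread. */
enum opt_source {
    SRC_CMDLINE,      /* pppd command line */
    SRC_USER_PPPRC,   /* the user's ~/.ppprc */
    SRC_FILE_OPTION,  /* options file read with "file" */
    SRC_ETC_OPTIONS,  /* /etc/ppp/options */
    SRC_CALL_OPTION   /* options file read with "call" */
};

/* Startup gate on the EFFECTIVE uid: a failure here corresponds to the
 * "must be root to run ..." message seen in the thread. */
bool can_start(uid_t euid) { return euid == 0; }

/* A source is trusted when root really invoked the program (REAL uid 0),
 * or when it is one of the files the man page allows privileged options in. */
bool source_is_trusted(enum opt_source src, uid_t ruid)
{
    if (ruid == 0)
        return true;
    return src == SRC_ETC_OPTIONS || src == SRC_CALL_OPTION;
}

/* Privileged options need a trusted source; other options are always accepted. */
bool option_allowed(bool privileged, enum opt_source src, uid_t ruid)
{
    return !privileged || source_is_trusted(src, ruid);
}

int main(void)
{
    uid_t ruid = getuid(), euid = geteuid();   /* who ran it vs. whose rights it has */

    printf("real uid %ld, effective uid %ld\n", (long)ruid, (long)euid);
    if (!can_start(euid)) {
        fprintf(stderr, "effective uid is not 0: setuid bit missing or not honoured\n");
        return 1;
    }
    printf("privileged option on command line: %s\n",
           option_allowed(true, SRC_CMDLINE, ruid) ? "accepted" : "rejected");
    printf("privileged option via call file:   %s\n",
           option_allowed(true, SRC_CALL_OPTION, ruid) ? "accepted" : "rejected");
    return 0;
}
```

When an unprivileged user runs a setuid binary under strace, the kernel ignores the set-user-ID bit because the calling process is being ptraced, so the effective UID stays the caller's own.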