[shell-discuss] Trouble with /usr/bin/ksh+setuid script when the default locale is set to "en_US.UTF-8" ...

Wed, 07 Mar 2007 09:01:38 +0100 

>4. Run the script as plain user:
>-- snip --
>$ /home/mytest/setuid_test.ksh
>couldn't set locale correctly
>couldn't set locale correctly
>couldn't set locale correctly

Perhaps this (incorrectly) trips over the stringent locale checks we
have in libc.

>#start PATH=|/usr/xpg6/bin:/usr/xpg4/bin:/usr/sbin:/usr/bin|
>uid=2306(gisburn) gid=2306(gisburn) euid=0(root) groups=8000(xprint)
>#done.
>-- snip --
>
>Two problems:
>- The "couldn't set locale correctly" should not occur
>- AFAIK the script should run the "id" command as user "root" (maybe I
>am doing something fundamentally wrong or the old /usr/bin/ksh cannot
>handle setuid scripts)

No; it should print euid=0 as it does.  Set-uid scripts do not change
the real uid.

>5. Running the script as user "root" works without problems:
>-- snip --
>$ /home/mytest/setuid_test.ksh
>#start PATH=|/usr/xpg6/bin:/usr/xpg4/bin:/usr/sbin:/usr/bin|
>uid=0(root) gid=0(root)
>groups=1(other),2(bin),3(sys),4(adm),5(uucp),6(mail),7(tty),8(lp),9(nuucp),12(daemon)
>#done.
>-- snip --
>
>Does anyknow have an idea what may be going wrong in this case ? Is
>there any restriction for setuid scripts when the system locale is not
>"C"/"POSIX" ?
>
>Quick check at the "truss" logs shows that ksh looks for
>"methods_en_US.UTF-8.so.3" in /lib/ and /usr/lib/ when running in setuid
>mode...
>-- snip --
>1744:   stat("/lib/methods_en_US.UTF-8.so.3", 0xFFBFEBA0) Err#2 ENOENT
>1744:   stat("/usr/lib/methods_en_US.UTF-8.so.3", 0xFFBFEBA0) Err#2
>ENOENT
>-- snip --
>... and in ""/usr/lib/locale/en_US.UTF-8/" when running as user "root":
>-- snip --
>1760:   stat("/usr/lib/locale/en_US.UTF-8/methods_en_US.UTF-8.so.3",
>0xFFBFEEA8) = 0
>1760:  
>resolvepath("/usr/lib/locale/en_US.UTF-8/methods_en_US.UTF-8.so.3",
>"/usr/lib/locale/common/methods_unicode.so.3", 1023) = 4
>3
>1760:   open("/usr/lib/locale/en_US.UTF-8/methods_en_US.UTF-8.so.3",
>O_RDONLY) = 3
>-- snip --
>
>Ienup:
>Do you have any idea what may be going wrong here (the matching i18n
>sources are AFAIK not opensource... ;-() ?


Strange; I wonder why it ignores the /usr/lib/locale file.

Casper

Reply via email to