[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: code/module request: undo setuid
From: |
Bruno Haible |
Subject: |
Re: code/module request: undo setuid |
Date: |
Wed, 12 Nov 2008 13:27:30 +0100 |
User-agent: |
KMail/1.5.4 |
Sam Steingold wrote:
> > The general opinion, among security aware developers, already for 10
> > years, is that the amount of code which is executed with setuid root
> > permissions should be minimal.
>
> this is all nice, but this does not answer my question.
> I agree that that it is not a good idea to run a large application
> setuid root
Fine.
> Please see the discussion here:
> https://sourceforge.net/forum/message.php?msg_id=5611456
The discussion is here:
http://news.gmane.org/gmane.lisp.clisp.general/cutoff=12548
http://article.gmane.org/gmane.lisp.clisp.general/12533
Please don't recommend URLs to https://sourceforge.net/forum/ any more -
I refuse to read discussions in an advertisement loaded environment.
In that discussion,
- Fare says that he has some Lisp-based executables that are setuid root,
- You insist on having an option that, given a Lisp-based executable,
allows to get into a REP loop for that executable.
Taken together, it means that every setuid Lisp-based executable allows
every user to take control of the machine.
> All I can do is to revert setuid for a dangerous operation.
Is the REP loop above the "dangerous operation" you are talking about?
If so, the magic is
/* This is for executables that have the setgid bit set. */
#if HAVE_SETREGID
setregid (getgid (), getgid ());
#else
setegid (getgid ());
#endif
/* This is for executables that have the setuid bit set. */
#if HAVE_SETREUID
setreuid (getuid (), getuid ());
#else
seteuid (getuid ());
#endif
Bruno