SUMMARY: HELP! setuid c wrapper

From: David W. Blaine (blained@gdls.com)
Date: Mon Aug 23 1999 - 14:45:54 CDT


Sorry for the delay in summarizing my findings, but I was away on training for
the last week.

Thanks to the following people for leading me in the right direction:

foster@bial1.ucsd.edu
Luis Pablo Perez <pperez@cidi.com.ar>
Steve Harris <harris@hades.gsfc.nasa.gov>
Stephen Harris <sweh@mpn.com>
Craig Raskin <raskin@compusec.org>
JON WRIGHT <Jon.Wright@awtpl.com.au>
Anthony David <adavid@deetya.gov.au>
"Carsten B. Knudsen" <cbk@terma.dk>

My C wrapper was the problem. It needed to call setuid(0) and seteuid(0) before
exec'ing my script. Here is the corrected C wrapper:

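/* program: update
   author: D.Blaine
   date: 08/04/99

   purpose: C program wrapper that calls ksh update.sh script
*/

#include <stdio.h>
#include <unistd.h>

#define REAL_H2N "/usr/local/dns/update.sh"

int main(int argc, char **argv)
{
        /* Set the real UID as well as the effective UID to root, so the
           script and the Perl it calls no longer see a setuid process. */
        if (setuid(0) != 0 || seteuid(0) != 0) {
                perror("setuid");
                return 1;
        }
        execv(REAL_H2N, argv);
        perror("execv");        /* only reached if execv fails */
        return 1;
}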

The above code sans the corrections is almost word-for-word out of the Perl book
I have (O'Reilly's Advanced Perl Programming). Funny, they didn't mention the
setuid/seteuid function calls! Many people mentioned correcting the Perl code so
that when it runs in "taint" mode it doesn't spit all over itself. I was able to
add a secure environment but I was never able to open files for write properly.
Of course, I got my pointers from the same Perl book mentioned above. Oh well.
Problem solved.

Thanks again,

Dave Blaine
CSC

------------- Begin Forwarded Message -------------

Date: Fri, 13 Aug 1999 16:17:54 -0400 (EDT)
From: "David W. Blaine" <blained@gdls.com>
Subject: HELP! setuid c wrapper
To: sun-managers@sunmanagers.ececs.uc.edu
MIME-Version: 1.0
Content-MD5: vbkFRqE2ILn/utkrF96xmA==

Hi sun-gurus:

I am not sure if this is a proper forum for this question but here goes. I have
a ksh script for DNS updates which calls some perl code (h2n). Since this script
needs to run with root privilege, I wrote a C wrapper that is setuid to call
it. I get the following:

update -f

Executing update.sh on Fri Aug 13 16:08:18 EDT 1999:

Backing up old hosts table
Done!

Copying hosts table changes into production
Done!

Running h2n on new hosts table
Insecure dependency in open while running setuid at /usr/local/bin/h2n line 465.
ERROR encountered during h2n processing!

Perl is complaining about running setuid, but I thought the C wrapper would take
care of that (at least that's what the docs tell me). Here are the permissions I
have set.

ls -al update*
-rwsr-xr-- 1 root 23720 Aug 13 16:04 update
-rw-r--r-- 1 root 228 Aug 13 16:03 update.c
-r-xr-xr-- 1 root 4320 Aug 12 13:59 update.sh
-r-xr-xr-- 1 root 20476 Aug 4 16:42 h2n

The system it runs on is running Solaris 2.5.1.

Any ideas???

 
------------------
David Blaine (blained@gdls.com)
Computer Systems Engineer
CSC for GDLS
Phone: 810-825-7650

------------- End Forwarded Message -------------


