uid- task_struct --The results of the code sent by you

From: sena
Date: Thu Jan 08 2004 - 00:21:04 EST

Next message: Iqbal: "RE: removable media revalidation - udev vs. devfs or static /dev"
Previous message: Randy.Dunlap: "Re: /drivers/net/tulip/dmfe.c may be outdated : kernel loadingproblem"
Next in thread: Robin Holt: "Re: uid- task_struct --The results of the code sent by you"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Robin,

(As previously I could not copy to linux-kernel I am sending it again)

Thanks for your time.

I have loaded the module sent with some changes and got some results.

I got 2 people to login remotely using telnet.

as herft and as herft1

herft runs a small executable called ./myprog.

The reseults I got is as follows in var/log/messages

Jan 8 03:46:23 sena kernel: Pid 1193 uid 0 euid 0
Jan 8 03:46:23 sena kernel: Pid 1220 uid 0 euid 0
Jan 8 03:46:23 sena kernel: Pid 1251 uid 0 euid 0--->this is telnet
Jan 8 03:46:23 sena kernel: Pid 1252 uid 0 euid 0
Jan 8 03:46:23 sena kernel: Pid 1253 uid 500 euid 500 --->this is bash
Jan 8 03:46:23 sena kernel: Pid 1381 uid 500 euid 500--->This is exec
Jan 8 03:46:23 sena kernel: Pid 1383 uid 0 euid 0---->telnet
Jan 8 03:46:23 sena kernel: Pid 1384 uid 0 euid 0
Jan 8 03:46:23 sena kernel: Pid 1385 uid 501 euid 501---->This is bash
Jan 8 03:46:23 sena kernel: Pid 1417 uid 0 euid 0

Then I ps -ale

The result is as follows
UID PID
100 S 0 1251 638 0 69 0 - 426 do_sel ? 00:00:00 in.telnetd-----------This is telnet
100 S 0 1252 1251 0 69 0 - 599 wait4 ? 00:00:00 login
100 S 500 1253 1252 0 69 0 - 1009 wait4 pts/4 00:00:00-------- bash
000 S 500 1381 1253 0 69 0 - 309 nanosl pts/4 00:00:00----------- myprog
100 S 0 1383 638 0 69 0 - 426 do_sel ? 00:00:00 in.telnetd----------This is telnet
100 S 0 1384 1383 0 69 0 - 599 wait4 ? 00:00:00 login
100 S 501 1385 1384 0 68 0 - 1009 read_c pts/5 00:00:00--------- bash
100 R 0 1795 1220 0 74 0 - 762 - pts/3 00:00:00 ps

I probably got the same thing as yours. This means task_struct uid has got its owners uids in the processes started through telnet. but telnet servers uid=0

This means either I will have to consider telnet thing as root (though it is started by the user login)

or

What do you think Robin?

THE CODE:
// count_active_tasks.c -

#include <linux/sched.h>
#include <linux/module.h> // Needed by all modules
#include <linux/kernel.h> // Needed for KERN_ALERT
#include <linux/init.h> // Needed for the macros

#define DRIVER_AUTHOR "Sena Seneviratne/Robin Holt"

#define DRIVER_DESC "A sample Test driver"

#define _LOOSE_KERNEL_NAMES
/* With some combinations of Linux and gcc, tty.h will not compile without
_LOOSE_KERNEL_NAMES.
*/
#include <linux/tty.h> /* console_print() interface */

static int
count_active_tasks_init(void)
{
struct task_struct *p;

read_lock(&tasklist_lock);

for_each_task(p) {
printk(KERN_EMERG "Pid %d uid %d euid %d\n",
p->pid, p->uid, p->euid);

//console_print("Hellow");

}
read_unlock(&tasklist_lock);
return 0;
}

static void count_active_tasks_exit(void)
{
printk(KERN_ALERT "Goodbye, world 2\n");
}

module_init(count_active_tasks_init);
module_exit(count_active_tasks_exit);

MODULE_LICENSE("GPL");

MODULE_AUTHOR(DRIVER_AUTHOR); // Robin/sena wrote this module
MODULE_DESCRIPTION(DRIVER_DESC); // What does this module do?

MODULE_SUPPORTED_DEVICE("dummy testdevice");

Thanks
Sena Seneviratne
Computer Engineering Lab
Sydney University

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Iqbal: "RE: removable media revalidation - udev vs. devfs or static /dev"
Previous message: Randy.Dunlap: "Re: /drivers/net/tulip/dmfe.c may be outdated : kernel loadingproblem"
Next in thread: Robin Holt: "Re: uid- task_struct --The results of the code sent by you"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]