Re: uid change in sock_alloc breaks identd

Miquel van Smoorenburg (miquels@cistron.nl)
Tue, 21 Sep 1999 23:00:06 +0200


According to Alan Cox:
> > - inode->i_uid = current->uid;
> > - inode->i_gid = current->gid;
> > + inode->i_uid = current->fsuid;
> > + inode->i_gid = current->fsgid;
> >
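Review bot: the two added assignments from current->fsuid and current->fsgid have no comment saying why the socket inode's owner should follow the filesystem ids instead of the real ids that the removed lines used. The owner is what userspace reads back, so please add a comment above these lines stating the intended semantics, and note how a caller whose fsuid differs from its real uid is expected to behave.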
> > Now in the case of a setuid client like rlogin, the real uid is the user
>
> Well your rlogin should have dropped back to the real user except for
> the call to bind() 8).

Well the problem is that rlogin and rsh call the library function
rcmd(). That function _has_ to be called with euid == 0.

The above change in 2.2.7 simply broke GNU libc. All versions ..
For apparently no reason (AFAICS, IMHO etc)

> The above also fixes well designed apps where if you
> ran them under su you got a wrong report 8)

I don't understand, whatever you run under su runs with
uid == suid == euid == fsuid, right ?

Anyway, a Linux-specific fix in rlogin and rsh is possible by doing

    setfsuid(getuid());     /* sockets created below are owned by the real uid */
    .. rcmd() ..
    setfsuid(geteuid());    /* put fsuid back to the effective uid */

That will work under all kernels, and will not break stuff
when the rcmd() function in glibc is fixed (or the kernel.....)

So Herbert, please fix rlogin and rsh :]

Mike.

-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"
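
The setfsuid() bracket suggested in the message above, as an added example that is not part of the original post or of rlogin/rsh: socket_as_fsuid() is a hypothetical helper, a plain socket() call stands in for rcmd(), and Linux with glibc's <sys/fsuid.h> is assumed. Because setfsuid() returns the previous fsuid and never an error, the helper reads the value back to confirm each switch.

```c
#include <stdio.h>
#include <sys/fsuid.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* setfsuid() has no error return: it always hands back the previous fsuid.
 * An argument of -1 is never accepted, so this call only reads the value. */
static uid_t current_fsuid(void)
{
    return (uid_t)setfsuid((uid_t)-1);
}

/* Hypothetical helper (not from rlogin/rsh): create a socket while fsuid is
 * `want`, restore the previous fsuid, and report the owner fstat() sees.
 * Returns the socket fd, or -1 if a switch or the socket call failed. */
int socket_as_fsuid(uid_t want, uid_t *owner)
{
    struct stat st;
    uid_t saved = current_fsuid();
    int fd;

    setfsuid(want);
    if (current_fsuid() != want)
        return -1;                         /* switch refused, nothing to undo */
    fd = socket(AF_INET, SOCK_STREAM, 0);  /* stands in for rcmd() */
    setfsuid(saved);                       /* always restore before returning */
    if (current_fsuid() != saved || fd < 0 || fstat(fd, &st) != 0) {
        if (fd >= 0)
            close(fd);
        return -1;
    }
    *owner = st.st_uid;
    return fd;
}

int main(void)
{
    uid_t owner;
    int fd = socket_as_fsuid(getuid(), &owner);

    if (fd < 0)
        return 1;
    printf("uid=%u socket owner=%u\n", (unsigned)getuid(), (unsigned)owner);
    close(fd);
    return 0;
}
```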
