Re: Effective, Real and Group id switching for daemons
From: lists@notatla.demon.co.uk
Date: 01/25/03
- Previous message: jasonk: "RE: Standards for developing secure software"
- Maybe in reply to: John Hanna: "Effective, Real and Group id switching for daemons"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: jhanna@cproject.com, secprog@securityfocus.com Date: Sat, 25 Jan 2003 12:16:06 +0000 (GMT) From: lists@notatla.demon.co.uk
From: "John Hanna" <jhanna@cproject.com>
> One of the important features is to be able to run as non-root after we
> start listening on port 25.
I can think of 2 other options:
use a high port as non-root with port-forwarding to get SMTP traffic
bind as non-root to port 25 (simple in open-source *nix)
> First is it important to switch the real uid as well? It might be nice to
> ... but not real-uid I suppose the clever hacker would switch the
Exactly - you need to do that.
> Secondly do I need to give the option to switch effective and real group id
> as well? I suppose root group might be able to do something a hacker
> shouldn't, even after they've lost root euid, right?
A few moments with "man perlvar" should lead you to something like this
which you can test by running it as root.
#!/usr/bin/perl -w
system("id");
$)="500 500"; # set group IDs, appears twice to call setgroups()
$(=500;
system("id");
$>=500; # set user IDs
$<=500;
system("id");
- Next message: Ben Pfaff: "Re: Standards for developing secure software"
- Previous message: jasonk: "RE: Standards for developing secure software"
- Maybe in reply to: John Hanna: "Effective, Real and Group id switching for daemons"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
