UID/GID bug in chrooted shells fixed.
Dave Dykstra
dwd at bell-labs.com
Mon Jun 17 13:45:02 EST 2002
On Fri, Jun 14, 2002 at 11:51:56AM +0100, Tom Worley wrote:
> On Friday 14 June 2002 12:09 am, Martin Pool wrote:
> > I'm not how that script will cause them to be set, but it may be
> > eff=root, real=testluser. In that case rsync will probably get pretty
> > confused, because I think it calls getuid() and will therefore think
> > it's not root, even though it is. As Dave says, this is not a
> > supported mode of operation: rsync wants to either be root, or not,
> > but not halfway.
> Ok, I'm not sure if this may cause any other issues, however I altered the
> main.c code, line 858, from:
> am_root = (getuid() == 0);
> to:
> am_root = (geteuid() == 0);
> It compiles without problem, and works perfectly under our conditions, and
> also works without setuid root as a normal, non-root, user, and also returns
> the correct uid for root when run without setuid root as root (if you see
> what I mean). Basically it works with/without setuid root, inside or outside
> a chroot jail with a root or non-root user as it should do.
Uh, I suppose you could do it that assuming you don't mind the fact that
there's bound to be zillions of ways for somebody with a real login on your
machine to use it give themselves root access, but even with that rsync
still might be confused. If you'd rather modify rsync than write a
wrapper, something that will be likely to cause rsync less confusion is
if (geteuid() == 0)
setuid(0);
- Dave Dykstra
More information about the rsync
mailing list