smbpasswd and euid detection
Craig Kelley
ink at inconnu.isu.edu
Thu Jan 2 17:48:44 GMT 2003
Hello Samba folks;
For some time now, I've been patching smbpasswd to get rid of the
effective UID "detection" that it does. In 2.2.7a it simply tests if the
effective UID differs from the real UID, and if the effective UID is
'root' then it bails:
/* Check the effective uid - make sure we are not setuid */
if ((geteuid() == (uid_t)0) && (getuid() != (uid_t)0))
This test will bail out if smbpasswd isn't suid 0, but the process that
calls it is (eg, a utility agent for changing passwords and such). I've
made a preliminary diff to actually stat() the executable to determine if
it is suid 0:
http://otc.isu.edu/smbpasswd-euid.diff
--
Craig Kelley -- kellcrai at isu.edu
Turn In Your Neighbor Today! http://www.bsa.org/usa/report/report.php
http://www.isu.edu/~kellcrai finger ink at inconnu.isu.edu for PGP block
More information about the samba-technical
mailing list