[PATCH] pam_exec questions and possible patch

Aaron Cohen aaron at assonance.org
Mon Mar 26 15:03:42 UTC 2007


> No, it is not pointless as your own tests shows and it has a huge
> difference, if you are doing a fork()/exec*() call.
> After exec*() on Linux the effective uid of the new process is the
> old real uid.

This is entirely false.  Linux does nothing to change either ruid or
euid on exec.

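/* Compile as runroot */
/* chown root runroot */
/* chmod u+s runroot */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Print the real and effective uid of the current process. */
void print_uids(const char* prompt) {
        uid_t uid = getuid();
        uid_t euid = geteuid();

        printf("%sRunning with uid=%ld, euid=%ld\n", prompt, (long)uid, (long)euid);
}

int main(int argc, char** argv) {
        (void)argc;
        print_uids("Calling process: ");

        printf("Exec'ing printuid\n");
        /* Flush now: buffered stdio output is lost when exec replaces the image. */
        fflush(stdout);

        execv("/tmp/printuid", argv);

        /* execv only returns on failure. */
        perror("execv");
        return 1;
}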
-------------------------------------------------------------------

/* Compile as printuid and save to /tmp */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Print the real and effective uid of the current process. */
void print_uids(const char* prompt) {
        uid_t uid = getuid();
        uid_t euid = geteuid();

        printf("%sRunning with uid=%ld, euid=%ld\n", prompt, (long)uid, (long)euid);
}

int main(int argc, char** argv) {
        (void)argc;
        (void)argv;
        print_uids("Exec'ed process: ");
        return 0;
}

------------------------------------------------------------------------------------------

Output:
Calling process: Running with uid=1002, euid=0
Exec'ing printuid
Exec'ed process: Running with uid=1002, euid=0

The only thing we care about is the euid!!!
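Added example, not part of the original message: a single-file version of the same check that forks, execs the standard `id` utility, and compares the real and effective uid it reports with the caller's own. The function names are made up for this example, and it assumes `id` is on the PATH; built and made setuid like runroot above, it reports the same split between uid and euid.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Fork, exec `id <flag>` in the child, and return the numeric uid it prints.
 * flag is "-u" (effective uid) or "-ru" (real uid). Returns -1 on error. */
static long uid_after_exec(const char *flag) {
    int fds[2];
    if (pipe(fds) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {
        /* Child: point stdout at the pipe, then exec without touching any IDs. */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        execlp("id", "id", flag, (char *)NULL);
        _exit(127);                     /* only reached if exec failed */
    }
    close(fds[1]);
    char buf[32] = {0};
    ssize_t n = read(fds[0], buf, sizeof buf - 1);
    close(fds[0]);
    int status;
    if (waitpid(pid, &status, 0) == -1) return -1;
    if (n <= 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    return strtol(buf, NULL, 10);
}

/* Returns 1 if the exec'ed program saw the caller's real and effective uid. */
int exec_preserves_uids(void) {
    return uid_after_exec("-ru") == (long)getuid()
        && uid_after_exec("-u") == (long)geteuid();
}

int main(void) {
    printf("caller:  uid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    printf("exec'ed: uid=%ld euid=%ld\n",
           uid_after_exec("-ru"), uid_after_exec("-u"));
    return exec_preserves_uids() ? 0 : 1;
}
```

If the exec'ed program is bash, it resets its own euid to the ruid at startup unless started with `-p`; that is the shell's behaviour, not something exec does.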



