[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: script timer

Subject: Re: script timer
From: "Binand Raj S." <binand@xxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 12 Aug 1999 11:39:26 +0530

On Wed, Aug 11, 1999 at 09:58:45AM +0530, Chakrabarti, Suvendra (CTS) wrote:
>      Hi Binand,
> 
>      I totally agree with you that for any program that involves security
>      issues, and runs with suid/ sgid bits set, should never make system()
>      calls.
>      system() infact always invokes /bin/sh -c string (refer man). So even
>      if the PATH variable does not contain /usr/local/bin, you can invoke a
>      program using /usr/local/bin/my_prog, I think that will expand to
>      ** /bin/sh -c /usr/local/bin/my_prog **

Yes, that is true. But the point I was trying to make was that if there is 
another my_prog (a possibly malicious one) in the path before /usr/local/bin,
then there is a problem.

>            The return value is 127 if the execve() call for /bin/sh fails,
>            -1 if there was another error and the return code of the 
>            command otherwise.

And that is all the information that system() gives you. You wouldn't know
if the program you tried to spawn failed because of a signal, and if it
did, which signal it was. Whereas, by using execl()/execv(), You can precisely
pin point why the child process failed.

> 
>     Well now excerpts from the exec() family man pages -
> 
>            The exec family of functions replaces the current process
>            image with a new process image. The functions described
>            in this manual pages are front-ends for the execve().
> 
>      You can well see, that both exec() families and system() ultimately
>      invoke execve(), with different sets of parameters.

Fine, but please note that I recommended always only execl and execv. The
other functions of the family also do a path lookup, and are inherently
dangerous.

> 
>      I will try to emulate a crash, with a program doing execve() using
>      exec() families ;-), setting uid/gid to 0. I don't know what happens
>      in that case, I will check (not until weekend *sic*). Will keep in
> touch.
> 

OK. get back. :-)

Binand
- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
The Linux India mailing list does not accept postings in HTML format.

------------------------------

End of Linux India Digest V1 #168
*********************************

--------------------------------------------------------------------
To unsubscribe send an email to majordomo@xxxxxxxxx with the word
'unsubscribe linux-india-digest' (without the quotes) in the body
of the email.

Prev by Subject: RE: script timer
Next by Subject: Sendmail.cf help -- list of all recipients
Previous by thread: RE: script timer
Next by thread: Suggestion to PCQUEST.
Index(es):
- Subject
- Thread