程序仍然能够在setuid和setgid之后仅打开root用户文件
[英]Program still able to open root only files after setuid and setgid
问题描述
I'm writing a program which will operate as different users based on authentication. 
我正在编写一个程序,该程序将基于身份验证以不同的用户身份运行。 The program is setuid root and uses PAM authentication before dropping privileges. 该程序是setuid root,并在删除特权之前使用PAM身份验证。
I'm using setuid() and setgid() to drop privileges after authentication. 我正在使用setuid()和setgid()在身份验证后放弃特权。 But apparently this isn't enough as after calling these my program still seems to have access to open() root only files. 但是显然这还不够,因为在调用这些程序后,我的程序似乎仍然可以访问仅open()根文件。
Any suggestions? 有什么建议么?
#include <unistd.h>
#include <stdio.h>
// Code to drop Priv
int u = 1000, g = 1000;
printf("Starting User %d Group %d\n", (int) getuid(), (int) getgid());
printf("Setting User %d Group %d\n", u, g);
if (setgid(g) || setuid(u)) {
printf("Could not set uid or gid %d", errno);
return 0;
}
printf("Have set User %d Group %d\n", (int) getuid(), (int) getgid());
The output of from this is: 其输出为:
Starting User 0 Group 0
Setting User 1000 Group 1000
Have set User 1000 Group 1000
And yet after calling this code my program can still open a file which is root only permissions: 在调用此代码后,我的程序仍可以打开仅具有root权限的文件:
-rw-r----- 1 root root 505 May 5 2015 rootFile
The code to open is simple enough: 打开的代码非常简单:
// Later
int fd = open("rootFile", O_RDONLY);
if (fd == -1) {
// Never happens
} else {
// Happens
}
1 个解决方案
解决方案1
5 已采纳 2016-01-18 22:21:03
Take a look at this article: https://www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges 看一下这篇文章: https : //www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
Looks like you may have "problem" with suplementary groups. 看起来您可能对补充团体有“问题”。 Before setting gid and uid do 在设置gid和uid之前
setgroups(0, NULL);
and your code should work. 并且您的代码应该可以正常工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.