[9021] in bugtraq
Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service)
daemon@ATHENA.MIT.EDU (Mark Crosbie)
Sun Jan 10 14:33:54 1999
Date: Sat, 9 Jan 1999 09:36:56 -0800
Reply-To: Mark Crosbie <mcrosbie@CUP.HP.COM>
From: Mark Crosbie <mcrosbie@CUP.HP.COM>
X-To: Nick Maclaren <nmm1@CUS.CAM.AC.UK>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Fri, 08 Jan 1999 19:19:16 +0100."
<E0zyhRE-00013T-00@ursa.cus.cam.ac.uk>
In message <E0zyhRE-00013T-00@ursa.cus.cam.ac.uk>, Nick Maclaren writes:
>Consider things like job schedulers, printing systems and so on. User
>A calls one of those, which runs as user B. It then calls mail - the
>examples were chosen because both of them do precisely that. Which
>is the user identification that the mailer should use?
In this case, a concept similar to "session IDs" would help: a session ID
records the original identity of the user that initiated this login session.
It is copied across all su calls, and inherited by fork and exec calls.
Thus, the process running as user B, still has an session ID of user A. Hence,
when it calls the mailer, the session ID is still user A, which can be used for
access control checking. Granted a system call may now be needed to
get_session_id() or similar, but if you trust the kernel, you can trust the
session ID.
Session IDs are found in the HPUX kernel (they're called audit ID) and I think
most other kernels support some notion of a session ID inherited across
processes.
Note: a process cannot change its session ID. It is set by the kernel when the
login process execs the process group leader. It never changes from then on
in. It is usually stored in some "trusted database" so that you can go back
over time and map session IDs to actual real people.
Just a thought...
Mark
>Regards,
>Nick Maclaren,
>University of Cambridge Computing Service,
>New Museums Site, Pembroke Street, Cambridge CB2 3QG, England.
>Email: nmm1@cam.ac.uk
>Tel.: +44 1223 334761 Fax: +44 1223 334679
--
Mark Crosbie http://www.best.com/~mcrosbie
Hewlett-Packard MS 47 LA mcrosbie@cup.hp.com
19447 Pruneridge Avenue (408) 447-2308
Cupertino, CA 95014 (408) 447-6766 FAX
