lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100102151928.GB401@unpythonic.net>
Date:	Sat, 2 Jan 2010 09:19:28 -0600
From:	Jeff Epler <jepler@...ythonic.net>
To:	Kevin Qu <rofail@...il.com>
Cc:	dhowells@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: how to get right euid?

On Sat, Jan 02, 2010 at 09:16:42PM +0800, Kevin Qu wrote:
> sudo echo "some thing" > /proc/my_file
> 
> It denied. (But it works when I su to superuser and do so.)
> 
> So I checked the current_euid(),
> but it returns 1000 (not 0),Why?

This may be due to a misunderstanding of how shell redirects work.
Probably current_euid() is returning exactly the right thing.

When you execute
    some command line > somefile
the shell opens somefile for writing and makes it be fd 1 (stdout) using
dup2.  Then it execs 'some' with the argument array being
['some', 'command', 'line'].

So consider your sudo:  The shell, running as user 1000, opens
'somefile' for writing, then execs 'sudo' which happens to be setuid
root.

Jeff
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ