[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#58640: wrapper does not handle fakeroot well

On Tue, Feb 22, 2000 at 09:31:22AM +0200, Fabrizio Polacco wrote:
> On Mon, Feb 21, 2000 at 02:52:27PM -0500, Clint Adams wrote:
> > Package: man-db
> > Version: 2.3.10-71
> > Severity: important
> > 
> > % fakeroot sh
> > sh-2.03# man man
> > Password: 
> > 
> Jeah, it's because of the test 
> 	[ `id -u` = 0 ] 
> Joost, is there a simple way to test if a "root" is a "fakeroot"
> instead?

Don't even think about testing for fakeroot. 

> >From a shell script or even from a C prog (I'm convincing myself that I
> need to rewrite the wrapper in C and make it suid nobody ... or forget
> this wrapper stuff at all :-).

Nothing is owned by nobody, and certainly nothing should be suid nobody :-).
Actually, I think the whole idea of the man wrapper su'ing to nobody is 
flawed, because the temporary files created while decompressing manpages 
could be owned by nobody.

What's wanted is a wrapper like this:

#include <sys/types.h>
#include <stdlib.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
#include <stdio.h>

int main(int argc, char**argv)
  if (!getuid()) {
    /* Don't risk executing setuid program man as root */
    struct passwd *pwd;
    const char    *manuser = "man";

    pwd = getpwnam(manuser);
    if (!pwd ||
	setgid(pwd->pw_gid) ||
	initgroups(manuser, pwd->pw_gid) ||
	setuid(pwd->pw_uid)) {
      perror("failed su to man");
      return -2;
  /* Chain to man */
  return -1;

which just completely su's to man when root runs man.
(or create a new account to run root manpage accesses under, and modify

This is not necessarily only applicable to man.. are there any other setuid
programs (to uid's other than root) which this would apply to?

Still doesn't work with fakeroot though... I haven't looked into that yet. 

Perhaps you'd like to enlighten me - why is mandb setuid man anyway? If man 
calls mandb when the db needs updating, then it can pass the setuid man 
priviledges to it. I can't think offhand why ordinary users would need to use 
mandb directly, maybe I'm overlooking something though.

-rwx--x--x    1 cph      cph          3612 Feb 22 19:27 man
-rw-------    1 cph      cph           600 Feb 22 19:05 man.c


Reply to: