Re: Bug#58640: wrapper does not handle fakeroot well
On Tue, Feb 22, 2000 at 09:31:22AM +0200, Fabrizio Polacco wrote:
> On Mon, Feb 21, 2000 at 02:52:27PM -0500, Clint Adams wrote:
> > Package: man-db
> > Version: 2.3.10-71
> > Severity: important
> >
> > % fakeroot sh
> > sh-2.03# man man
> > Password:
> >
>
> Jeah, it's because of the test
>
> [ `id -u` = 0 ]
>
> Joost, is there a simple way to test if a "root" is a "fakeroot"
> instead?
Don't even think about testing for fakeroot.
> >From a shell script or even from a C prog (I'm convincing myself that I
> need to rewrite the wrapper in C and make it suid nobody ... or forget
> this wrapper stuff at all :-).
Nothing is owned by nobody, and certainly nothing should be suid nobody :-).
Actually, I think the whole idea of the man wrapper su'ing to nobody is
flawed, because the temporary files created while decompressing manpages
could be owned by nobody.
What's wanted is a wrapper like this:
#include <sys/types.h>
#include <stdlib.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
#include <stdio.h>
int main(int argc, char**argv)
{
if (!getuid()) {
/* Don't risk executing setuid program man as root */
struct passwd *pwd;
const char *manuser = "man";
pwd = getpwnam(manuser);
if (!pwd ||
setgid(pwd->pw_gid) ||
initgroups(manuser, pwd->pw_gid) ||
setuid(pwd->pw_uid)) {
perror("failed su to man");
return -2;
}
chdir(pwd->pw_dir);
}
/* Chain to man */
execv("/usr/lib/man-db/man",argv);
perror("execv");
return -1;
}
which just completely su's to man when root runs man.
(or create a new account to run root manpage accesses under, and modify
accordingly)
This is not necessarily only applicable to man.. are there any other setuid
programs (to uid's other than root) which this would apply to?
Still doesn't work with fakeroot though... I haven't looked into that yet.
Perhaps you'd like to enlighten me - why is mandb setuid man anyway? If man
calls mandb when the db needs updating, then it can pass the setuid man
priviledges to it. I can't think offhand why ordinary users would need to use
mandb directly, maybe I'm overlooking something though.
-rwx--x--x 1 cph cph 3612 Feb 22 19:27 man
-rw------- 1 cph cph 600 Feb 22 19:05 man.c
Colin
Reply to: