suid, www-data user, and gui program amarok, not working together.
I'm trying to make a web page that has buttons to control my running
music player application "Amarok" (Amarok is a Debian package). I can
control it from the command line by issuing this command:
$ amarok -t
That command toggles the music on and off.
I run Apache2 on Debian Lenny and the command gets run as the user
www-data. That user (www-data) doesn't have access to my running
Amarok session so I tried to make a shell script that has the setuid
flag set (chmod 4755) but Debian doesn't allow script files to be set
setuid. So I created a binary and set the binary to setuid. The source
code for the binary is as follows:
##############
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
int main()
{
setuid( 1000 ); // uid 1000 == user tommy.
system( "id" );
system( "amarok -t" );
return 0;
}
##############
Then I compiled it with:
$ gcc ./tmusicall.c -o tmusicall
I chmoded it with:
$ chmod 4755
I changed user to www-data with:
$ su - www-data
Then I ran the binary:
www-data@todu:/home/tommy/test$ ./tmusicall
uid=1000(tommy) gid=33(www-data) groups=20(dialout),33(www-data)
: cannot connect to X server
www-data@todu:/home/tommy/test$
So we can see that the binary ran with uid tommy privileges, but still
cannot execute "amarok -t" properly.
I even ran these commands but still kept getting the ": cannot connect
to X server" error message:
$ xhost +localhost
$ xhost +Localhost
Why can't the binary execute "amarok -t" when it is confirmed that it
is indeed running as user "tommy"?
I've been at it for hours. Any ideas on how to proceed and perhaps
solve my problem?
--
Regards,
Thomas Anderson
"Quidquid latine dictum sit, altum sonatur"
Reply to: