hi again,
On Sun, Nov 25, 2007 at 02:19:46PM +0100, Michael Ablassmeier wrote:
> The agent uses popen in order to execute the UserCommands. I think popen just
> as exec* resets the gid to the saved-set-gid, which is then 0, thus the
> executed programm ends up with gid set to root.
just a short example of whats happening and how to reproduce this:
> #include <sys/types.h>
> #include <unistd.h>
> #include <pwd.h>
> #include <stdio.h>
>
> int main() {
> struct passwd *pw;
> pw = getpwnam("abi");
> FILE *pipe;
> char buf[25];
> setgid(pw->pw_gid);
> setuid(pw->pw_uid);
>
> printf("my gid: %d\n", getegid());
> printf("my uid: %d\n", getuid());
>
> pipe = popen("/usr/bin/id", "r");
> while (fgets(buf, sizeof buf, pipe)) {
> printf("%s", buf);
> }
> printf("\n");
> pclose(pipe);
> }
[EMAIL PROTECTED]:~# ./a.out
my gid: 1000
my uid: 1000
uid=1000(abi) gid=1000(abi) groups=0(root),102(lpadmin),1001(wheel)
bye,
- michael
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
