Bugtraq mailing list archives
Re: Generic wrapper
From: dholland () EECS HARVARD EDU (David Holland)
Date: Fri, 30 May 1997 18:40:27 -0400
One caveat: this wrapper will break programs with symbolic links that perform different functions of the wrapped program (like sendmail, which has links for mailq and newaliases). This is because the wrapper resets argv[0] to the name of the wrapper program before executing the wrapped program.
This is because of programs that do things like execve(argv[0], argv, environ); when running setuid. (Since argv[0] can be set by the parent process, it's trivial to set it to /bin/sh and thus get a shell.)
IRIX users will get nastily bit if they wrap /sbin/df, because /etc/devnm (a symlink to df) will produce wierd results, causing the boot sequence to fail to create the root device links /dev/root and /dev/rroot, along with any tape device links. Your system will still boot normally, but you won't have access to your tape drives and the system will claim that the root filesystem is not mounted.
Oy. Does this mean that if you ln -s /sbin/df /tmp/devnm and run /tmp/devnm that it will hose the system? -- - David A. Holland | VINO project home page: dholland () eecs harvard edu | http://www.eecs.harvard.edu/vino
Current thread:
- Generic wrapper Joe Zbiciak (May 26)
- <Possible follow-ups>
- Re: Generic wrapper Jonathan Rozes (May 30)
- SECURITY: Vulnerability in libX11 (fwd) Simon Karpen (May 29)
- Re: Generic wrapper Joe Zbiciak (May 30)
- Re: Generic wrapper David Holland (May 30)