Bugtraq mailing list archives

Re: Generic wrapper


From: dholland () EECS HARVARD EDU (David Holland)
Date: Fri, 30 May 1997 18:40:27 -0400


One caveat: this wrapper will break programs with symbolic links
that perform different functions of the wrapped program (like
sendmail, which has links for mailq and newaliases). This is
because the wrapper resets argv[0] to the name of the wrapper
program before executing the wrapped program.

This is because of programs that do things like

        execve(argv[0], argv, environ);

when running setuid. (Since argv[0] can be set by the parent process,
it's trivial to set it to /bin/sh and thus get a shell.)

IRIX users will get nastily bit if they wrap /sbin/df, because /etc/devnm
(a symlink to df) will produce weird results, causing the boot sequence to
fail to create the root device links /dev/root and /dev/rroot, along with
any tape device links. Your system will still boot normally, but you won't
have access to your tape drives and the system will claim that the root
filesystem is not mounted.

Oy. Does this mean that if you ln -s /sbin/df /tmp/devnm and run
/tmp/devnm that it will hose the system?

--
   - David A. Holland             |    VINO project home page:
     dholland () eecs harvard edu    | http://www.eecs.harvard.edu/vino
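
The thread's two constraints (a wrapped setuid program may re-exec argv[0], and multi-call programs such as sendmail need their link name) can both be met by using the caller's argv[0] only to select a name from an allowlist. The C sketch below is an added example, not the wrapper under discussion; TRUSTED_DIR, the alias table and trusted_argv0() are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical configuration for a wrapper around sendmail: the real binary
 * and the link names it is known to be invoked under (names from the thread). */
#define TRUSTED_DIR "/usr/sbin"   /* assumed root-owned and not user-writable */
static const char *const real_name = "sendmail";
static const char *const aliases[] = { "mailq", "newaliases", NULL };

/* Return the last path component of s (no allocation, never NULL). */
static const char *base_name(const char *s)
{
    const char *slash;
    if (s == NULL) return "";
    slash = strrchr(s, '/');
    return slash ? slash + 1 : s;
}

/* Build the argv[0] the wrapper passes on. The caller's string is used only
 * to pick an allowlist entry; the output is always TRUSTED_DIR plus a name
 * compiled into the wrapper, so a later execve(argv[0], ...) in the wrapped
 * program cannot be steered to a caller-chosen path.
 * Returns 0 on success, -1 if out is too small. */
int trusted_argv0(const char *caller_argv0, char *out, size_t outlen)
{
    const char *want = base_name(caller_argv0);
    const char *pick = real_name;   /* default: the wrapped program itself */
    size_t i;
    int n;

    for (i = 0; aliases[i] != NULL; i++)
        if (strcmp(want, aliases[i]) == 0) { pick = aliases[i]; break; }

    n = snprintf(out, outlen, "%s/%s", TRUSTED_DIR, pick);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(int argc, char **argv)
{
    char buf[256];
    (void)argc;
    if (trusted_argv0(argv[0], buf, sizeof buf) != 0) return 1;
    printf("argv[0] passed to wrapped program: %s\n", buf);
    return 0;
}
```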


