From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Jul 14 10:06:20 1997
Received: by jaz.jp.freebsd.org (8.8.6+2.7Wbeta5/8.7.3) id KAA08957
	Mon, 14 Jul 1997 10:06:20 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.6+2.7Wbeta5/8.7.3) with ESMTP id KAA08951
	for <freebsd-users-jp@jp.freebsd.org>; Mon, 14 Jul 1997 10:06:18 +0900 (JST)
Received: from scopsowl.mke.mei.co.jp (root@scopsowl.mke.mei.co.jp [157.8.107.10]) by mkegw0.mke.mei.co.jp (8.8.5+2.7Wbeta4/3.4Wbeta6MKE-FW) with ESMTP id KAA21815 for <freebsd-users-jp@jp.freebsd.org>; Mon, 14 Jul 1997 10:01:14 +0900 (JST)
Received: from mkegate0.mke.mei.co.jp ([157.8.106.130]) by scopsowl.mke.mei.co.jp (8.8.5+2.7Wbeta4/3.4Wbeta6MKESERVER) with SMTP id KAA14458 for <freebsd-users-jp@jp.freebsd.org>; Mon, 14 Jul 1997 10:00:51 +0900 (JST)
Received: from soft.saijo.mke.mei.co.jp by mkegate0.mke.mei.co.jp (4.1/3.5Wbeta)
	id AA19700; Mon, 14 Jul 97 10:00:12 JST
Received: from vepc03.saijo.mke.mei.co.jp by soft.saijo.mke.mei.co.jp (4.1/3.5Wbeta)
	id AA04678; Mon, 14 Jul 97 10:08:01 JST
Received: from localhost (localhost [127.0.0.1]) by vepc03.saijo.mke.mei.co.jp (8.8.5/3.4W4) with ESMTP id KAA29743 for <freebsd-users-jp@jp.freebsd.org>; Mon, 14 Jul 1997 10:07:10 +0900 (JST)
To: freebsd-users-jp@jp.freebsd.org
X-Mailer: Mew version 1.85 on Emacs 19.28.1 / Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19970714100709P.kana@saijo.mke.mei.co.jp>
Date: Mon, 14 Jul 1997 10:07:09 +0900
From: Masanori Kanaoka <kana@saijo.mke.mei.co.jp>
X-Dispatcher: imput version 970701
Lines: 98
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=19]
X-Sequence: FreeBSD-users-jp 15789
Subject: [FreeBSD-users-jp 15789] About set SUID root
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org

$B6b2,!w>>2<<w$G$9!#(B

Masaki KONUMA <konuma@de.mtex.co.jp> $B$5$s(B
Keisuke Inoue <keisuke@aa.cs.keio.ac.jp> $B$5$s(B
 Yuuichi Teranishi <teranisi@isl.ntt.co.jp> $B$5$s(B

  $B?'!9$"$j$,$H$&$4$6$$$^$7$?!#(B

 $B<B9T=PMh$k$h$&$K$J$C$F!"(B

	% imget -s pop/RPOP:kana@analog
	imget: ERROR: invalid password.

$B$H%(%i!<$,$G$k$N$O(B analog $B$N(B popper $B$,(B rpop $B$KBP1~$7$F$$$^$;$s$G$7$?!#(B
$B$9$$$^$;$s$G$7$?!#(Bm(_ _)m

 $B65$($F$$$?$3$H$r!"<+J,$J$j$K$^$H$a$F8+$^$7$?!#$*$+$7$$=j$,$"$l$P(B
$B;XE&$r$*4j$$$7$^$9!#(B(FreeBSD $B$NOC$G$O$J$/$F!"(BPerl $B$NOC$G$7$?$M!#(B(^^;;;;;;;) 

----[ $B<ALd(B ]-------------------------------------------------------------

FreeBSD2.2.1-RELEASE $B>e$G!"(Bmule + mew-1.85 + im-40 (Perl5 $B$N%9%/%j%W%H(B) $B$G(B
 imget $B%3%^%s%I$G(B RPOP $B$r$7$h$&$H$9$k$H!"<!$N$h$&$K%(%i!<$K$J$j$^$9!#(B

	% imget -s pop/RPOP:kana@analog
	imget: ERROR: RPOP operation requires SUID root.

$B%U%!%$%k$N%b!<%I$r3NG'$9$k$H(B

 -r-sr-xr-x  1 root  bin  3674 Jul 10 16:18 /usr/local/bin/imget

$B$H$J$C$F$$$k$N$G$9$,!"(B

 setuid root $B$H$O!"(Bowner $B$,(B root $B$G!"%U%!%$%k%b!<%I$N(B onwer $B$N<B9T8"$N(B
$B$H$3$m$,(B s $B$K$J$C$F$$$k$3$H!"$@$H;W$C$F$$$?$N$G$9$,!"0c$&$N$G$7$g$&$+!)(B

 $B$=$l$H$b!"$J$K$+@_Dj$,$L$1$F$$$k$N$G$7$g$&$+!)(B

----[ $B2sEz$+$i$o$+$C$?$3$H!"3NG'$7$?$3$H(B ]-------------------------------------

1. setuid root $B$H$O!"(Bowner $B$,(B root $B$G!"%U%!%$%k%b!<%I$N(B onwer $B$N<B9T8"$N(B
  $B$H$3$m$,(B s $B$K$J$C$F$$$k>uBV!#(B

2. FreeBSD $B$G$O!"(Bsetuid root $B$5$l$?(B script $B$O!"%;%-%e%j%F%#%[!<%k$K$J$k$+$i(B
   root $B$N8"8B$G$O<B9T$5$l$J$$!#$=$&$$$C$?(B script $B$r<B9T$9$k$?$a$K!"(Bwrapper 
   program $B$r7PM3$7$F<B9T$9$k$3$H$,$G$-$k!#(B

3. Perl $B$N>l9g!"%7%9%F%`$G(B setuid/setgid $B$7$?(B script $B$r<B9T$5$l$J$$>l9g!"(B
  setuid/setgid $B$r%(%_%e%l!<%H$7$F<B9T$9$k5!G=$,$"$k!#(B

 Perl5.004 $B$r%$%s%9%H!<%k$7$?$H$-$K!"(Bsetuid/setgid $B$r%(%_%e%l!<%H$9$k$h$&(B
$B$K$7$F$$$J$+$C$?$N$G!"<B9T$7$F$b%(%i!<$K$J$C$F$$$?$h$&$G$9!#(B

 Perl5.004 $B$r(B setuid/setgid $B$r%(%_%e%l!<%H$9$k$h$&$K:FEY%$%s%9%H!<%k$7$J$*$9$H(B
 setuid root $B$G<B9T$G$-$k$h$&$K$J$j$^$7$?!#(B

$B$^$?!"(B

 Perl5.004$B$NG[I[$N$J$+$K!"(Bwrapper program $B$r@8@.$7$F$/$l$k%9%/%j%W%H$,!"(B
perl5.004/eg/wrapsuid $B$H$7$F$"$k$H$$$&$3$H$G!"65$($FD:$$$?<!$N%Q%C%A$r$"$F$F(B

-----------------------------------------------------
--- wrapsuid~	Fri Jul 11 11:54:03 1997
+++ wrapsuid	Fri Jul 11 11:56:44 1997
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/local/bin/perl
 'di';
 'ig00';
 #
@@ -56,7 +56,7 @@
 }
 ';
     close C;
-    system '/bin/cc', ".tmp$$.c", '-o', $file;
+    system '/usr/bin/cc', ".tmp$$.c", '-o', $file;
     die "Can't compile new $_" if $?;
     chmod $mode, $file;
     chown $uid, $gid, $file;
-----------------------------------------------------------

# ./wrapsuid /usr/local/bin/imget

$B$r<B9T$9$k$H!"(Bsetuid/setgid $B$r%(%_%e%l!<%H$7$F$$$J$$(B Perl $B$G$b!"(B
imget $B$r<B9T$9$k$H(B setuid root $B$G<B9T$9$k$3$H$,$G$-$^$7$?!#(B

$B$3$N$"$?$j$K$D$$$F;29M$K$J$k;qNA$O!"(B

 man perlsec
($BOBLu$,(B http://www.bekkoame.or.jp/~syunji/perl/man/ $B$K$"$j$^$9!#(B) 

$B$H$N$3$H!"$H$$$&$3$H$GBgJQJY6/$K$J$j$^$7$?!#(B

-------------------------------------------------------------------------------
------ $B>>2<<wEE;R9)6H3t<02q<R(B  $B1GA|3+H/%;%s%?!<!!1GA|5;=QIt(B ----
$B!!6b2,!!@57{!!!!!!(BTEL:0897-56-1111($BFb(B518)  FAX:0897-56-8142
---------------- Masanori Kanaoka <kana@saijo.mke.mei.co.jp>----

