setuid problem?

setuid problem?

Post by Jack Kessle » Sun, 31 Dec 1899 09:00:00



I have installed StarOffice 5.1 (which is terrific software, by the way) but
can only run it when logged in as root.  The privileges on 'soffice' are set
to provide execute privileges to everyone, but nothing happens when I click
on the icon if I am not root.

I have found a  similar result when I try to run the 'pppon' file (which I
wrote as root, per the excellent Unruh HOWTO and also gives everyone execute
privilege.).  It calls pppd.  When it does, the non-root user gets the error
message, "pppd is not setuid=root".   There are man pages for setuid and its
friend getuid, but I don't see either command on my system anywhere (Red Hat
6.2), not even with find.

What is the problem?  Should my system have setuid and getuid on it?  Is the
lack of them the problem or is it something else?  Is my inability to run
StarOffice the same problem as my inability to run pppd?  How do I fix this?

 
 
 

setuid problem?

Post by Paul Kimo » Thu, 28 Sep 2000 14:38:39



> I have found a  similar result when I try to run the 'pppon' file (which I
> wrote as root, per the excellent Unruh HOWTO and also gives everyone execute
> privilege.).  It calls pppd.  When it does, the non-root user gets the error
> message, "pppd is not setuid=root".   There are man pages for setuid and its
> friend getuid, but I don't see either command on my system anywhere (Red Hat
> 6.2), not even with find.

> What is the problem?  Should my system have setuid and getuid on it?  Is the
> lack of them the problem or is it something else?  

"setuid" is a state of being, not a command.  You can turn on the "setuid
bit" on an executable by running "chmod u+s /path/to/executable" (as the
owner of the executable).  You can see whether it's set by running "ls -l
/path/to/executable".  If the fourth character is "x", the file is a
_non_-suid executable, and if it's an "s", the file is a setuid executable.

Quote:> Is my inability to run
> StarOffice the same problem as my inability to run pppd?  How do I fix this?

I hope not.  It would invite security problems to run a whole office suite
(or any huge program) with the permissions of root.

--
Paul Kimoto
This message was originally posted on Usenet in plain text.  Any images,
hyperlinks, or the like shown here have been added without my consent,
and may be a violation of international copyright law.

 
 
 

setuid problem?

Post by Bill Unr » Thu, 28 Sep 2000 14:17:29



]I have installed StarOffice 5.1 (which is terrific software, by the way) but
]can only run it when logged in as root.  The privileges on 'soffice' are set
]to provide execute privileges to everyone, but nothing happens when I click
]on the icon if I am not root.

Perhaps you did not run soffice with the -net option? Thereafter each
user has to run setup themselves to set up about 2MB in their home
directory.

]I have found a  similar result when I try to run the 'pppon' file (which I
]wrote as root, per the excellent Unruh HOWTO and also gives everyone execute
]privilege.).  It calls pppd.  When it does, the non-root user gets the error
]message, "pppd is not setuid=root".   There are man pages for setuid and its
]friend getuid, but I don't see either command on my system anywhere (Red Hat
]6.2), not even with find.

It is on that page
cd /usr/sbin
chmod a+rx pppd chat
chmod u+s pppd         --- this sets suid
chmod a+rw /dev/ttyS?

 
 
 

setuid problem?

Post by Jack Kessle » Fri, 29 Sep 2000 16:00:35


Thanks very much.  I followed the second part of your message about pppd and chat and it
worked perfectly.  This was a big step forward because I want to be able to share my machine
with my housemates, and they have to be able to reach the ISP from their own accounts.

I also want them to be able to use Star Office from their accounts.

I am not sure I understood what you were telling me in the first part of your reply, about
how to set up Star Office so it will run from non-root accounts.

Was I supposed to run soffice with -net option from root or from non-root?  From an X
terminal or from the command line?  None seemed to have any effect.

Running setup from either account from Gnome got me a screen which gave me options to
reinstall, uninstall or repair the installed StarOffice, but nothing about setting up files
in my home directory.  Neither the reinstall nor repair options did anything I could discern.

Thanks again.



> ]I have installed StarOffice 5.1 (which is terrific software, by the way) but
> ]can only run it when logged in as root.  The privileges on 'soffice' are set
> ]to provide execute privileges to everyone, but nothing happens when I click
> ]on the icon if I am not root.

> Perhaps you did not run soffice with the -net option? Thereafter each
> user has to run setup themselves to set up about 2MB in their home
> directory.

> ]I have found a  similar result when I try to run the 'pppon' file (which I
> ]wrote as root, per the excellent Unruh HOWTO and also gives everyone execute
> ]privilege.).  It calls pppd.  When it does, the non-root user gets the error
> ]message, "pppd is not setuid=root".   There are man pages for setuid and its
> ]friend getuid, but I don't see either command on my system anywhere (Red Hat
> ]6.2), not even with find.

> It is on that page
> cd /usr/sbin
> chmod a+rx pppd chat
> chmod u+s pppd         --- this sets suid
> chmod a+rw /dev/ttyS?

 
 
 

setuid problem?

Post by Bill Unru » Sun, 31 Dec 1899 09:00:00


] I also want them to be able to use Star Office from their accounts.
]
] I am not sure I understood what you were telling me in the first part of your reply, about
] how to set up Star Office so it will run from non-root accounts.

You must intially run setup with the -net option as root. Then each of
the users who want to use staroffice must run setup
as well. They must choose the small option (not the real name but the
one that installs about 2MB of files in the user's directory).

]
] Was I supposed to run soffice with -net option from root or from non-root?  From an X
] terminal or from the command line?  None seemed to have any effect.
]
] Running setup from either account from Gnome got me a screen which gave me options to
] reinstall, uninstall or repair the installed StarOffice, but nothing about setting up files
] in my home directory.  Neither the reinstall nor repair options did anything I could discern.

Uninstall as root first. Then reinstall using the -net option.

 
 
 

1. Need help with setuid() problems on 386/ix with setuid root program.

I have a program that needs to be able to do the following under ISC 386/ix
(System V R3.2):

        setuid to one of about 3 different accounts ("Account X")
        do some work under that ID.
(*)     setuid back to the ID of the person that originally ran it.
        send some mail to Account X saying what was done.

The program needs to be able to change to one of the 3 or so different
accounts, so It's made setuid root. It doesn't actually want to do its
work under uid root, so it setuid's to whichever account it needs immediately.
[ It can't setuid to ANY account, only to one of the 3 or so ].

The problem is that when the program send the mail to X, I want it to come
addressed from the person that ran the program, not from X.

According to the manual, you can setuid() to the saved-uid from exec();
but I can't get the setuid back to the persons ID to work. (*)

        Can anyone shed some insight on my problem?

                                        thanks
                                                Greyham.
--
/*  Greyham Stoney:                            Australia: (02) 428 6476  *

 *          "BUT THAT'S JUST A BUTTON ON A STRING, BASICLY!!!"           */

2. Ftp 'put' files are mode 666

3. mysterious shared library problem (setuid problem?)

4. PLEASE HELP -- Screen resolution and window sizes in X windows

5. Linux C-news relaynews setuid problem

6. SCSI Adapter Queries

7. Setuid Problem

8. mpeg video is black

9. Setuid problems & OpenSSH X-forwarding

10. setuid problems

11. setuid() problem ?

12. setuid problem on Solaris 2.4x86?

13. SETUID problem/question?