getting suid program to output to user's term

getting suid program to output to user's term

Post by Bob van der Poe » Wed, 22 Apr 1998 04:00:00



I don't know if this is possible...but with all the unix gurus out there
I'm sure someone will know a way.

I have installed the wwwoffle program with netscape. Works fine. No
complaints.

I would like to be aware of the fact that the program is fetching data
when I first connect to the net. I have added to my ip-up script the
"wwwoffle -fetch ... " command. According to the author of wwwoffle, the
wwwoffle program does not exit until all outstanding requests are
processed.

So, I figured that it would be easy to have a line like:

        xterm -e wwwoffle -fetch...

in my ip-up script. At this point a xterm window would come up on my
screen, and it would go away when the fetches were complete. If this
worked I could expand to make it more functional.

However, it will not work that easily. From what I have figured out the
pppd program runs as root. As does the ip-up script. So, the 'xterm...'
thing fails. I assume the problem is that a program running as root
can't just willy-nilly open a term on a user's terminal.

Any ideas on how I can do this?

I hate to ask, but please copy replies via email. I do follow the NG,
but my ISP loses as much as it gets. Thanks.

--
   __
  /  )      /         Bob van der Poel

/___/_(_) /_)         http://www.kootenay.com/~bvdpoel

 
 
 

getting suid program to output to user's term

Post by Victor Wagn » Thu, 23 Apr 1998 04:00:00



: I don't know if this is possible...but with all the unix gurus out there
: I'm sure someone will know a way.

: So, I figured that it would be easy to have a line like:

:       xterm -e wwwoffle -fetch...

: in my ip-up script. At this point a xterm window would come up on my
: screen, and it would go away when the fetches were complete. If this
: worked I could expand to make it more functional.

There are several possible problems here.

First, your ip-up script is not aware that there is X display around.
So, xterm simply doesn't know where to connect. You can fix this
problem by adding export DISPLAY=:0 into ip-up just before xterm line
in ip-up.

But are you sure that X would be always running when your ip-up is
executed. Does your computer run unattended during night? (when it is
usialy cheaper to download either due to ISP or due to phone costs)

In this case attempt to run Xterm would fail and wwwoffle wouldn't start
when it can work better than ever.

Second, opening root xterm is security hole if you don't know before
that guy sitting at the X display is right guy, who know the password.
Are you only user on your machine? Or there is sister, daughter or wife,
which can be scared with unexpectedly appeared window and type something
dangerous in there?

It can be checked although. You can run ps -aux to find out is there
YOUR window manager, and check if owner of its process is one of trusted
users. If no, just run wwwoffle in background as before.

And last, you are perfectly right. In good setups any user other than
current, cannot create windows on X desktop. Even root. Try typing
su in xterm, and start another xterm from root prompt, if it works,
it is not your case. If you recieve  "Client not authorized" error,
visit my home page. There is couple of recipes how to overcome it.

http://www.ice.ru/~vitus/works/works_unix.html#xsu
: However, it will not work that easily. From what I have figured out the
: pppd program runs as root. As does the ip-up script. So, the 'xterm...'
: thing fails. I assume the problem is that a program running as root
: can't just willy-nilly open a term on a user's terminal.

: Any ideas on how I can do this?

: I hate to ask, but please copy replies via email. I do follow the NG,
: but my ISP loses as much as it gets. Thanks.

: --
:    __
:   /  )      /         Bob van der Poel

: /___/_(_) /_)         http://www.kootenay.com/~bvdpoel

--
--------------------------------------------------

Institute for Commerce          Office:7-(095)-333-2022
Engineering                     Home: 7-(095)-135-46-61
Programmer                      http://www.fe.msk.ru/~vitus

 
 
 

1. The 'nice' program - getting more time for my program ?

Hi folks. After looking at the man page for the 'nice'
program, I learned that the super-user (root) can specify
a negative priority adjustment to increase the priority of
a job.  So, I did the following:

1) I ran my niftly PERL script as a regular user:
        mybigscript.pl
   Total time to run was 5 minutes 2 seconds
   While it was running, I repeatedly ran: ps -l -u myusername
   and observed the priority (PRI) fluctuated between a low of 49
   and a high of 99.

2) I ran the same script as root with the following:
        nice --adjustment=-20 mybigscript.pl
   Total time to run was 4 minutes 58 seconds
   While running, ps -l -u root showed a steady Priority
   of 40.

So, now for my question - Is nice really doing anything for me ?
I had hoped to get some significant (or at least "noticable :)
speed-up but this was not the case.  mybigscript.pl does a
lot of memory and CPU intensive work (looping through large
arrays and such) and is not disk intensive at all.
Does the priority affect CPU intensive tasks ?  Is there another
way to get more CPU time for my task ?

Specifics:
  Sun Sparc 5 running Solaris 2.5 with Perl version 5.
  No other users on the system in both cases.

Thanks for any pointers.

Rich H.

---

Rutgers University     http://cimic3.rutgers.edu/~holowcza/

2. majordomo@freebsd.org don't read me.

3. How to 'flush' output of 'C' cgi-program

4. Newbie booting 2 ethernet cards question

5. IS there a way to trace suid program with suid permissions

6. gnome setup error

7. Setting 'suid' bit for a program

8. RedHat 4.0 failed to activate modem at boot time

9. Send output of C-Program to X-Term ?

10. QUESTION: suspicious suid program in user dir

11. Getting the output of 'jobs' into a shell variable

12. Safe pseudo-suid execution of user programs

13. suid root program can't call system(3)