Cocoa mail archive
Re: Environment/permissions on NSTask-launched app
FROM : Sherm Pendley
DATE : Thu Jul 20 22:08:33 2006
On Jul 19, 2006, at 8:26 PM, Brad Peterson wrote:
Upside-down. How annoying.
> --- Sherm Pendley <<email_removed>> wrote:
>
>> On Jul 18, 2006, at 9:35 PM, Brad Peterson wrote:
>>
>>> I've confirmed that the sub-task isn't running as
>> root
>>> (though I don't know why that would make a
>> difference)
>>> by logging the results of a getgid() call. (501
>> was
>>> the result.)
>>
>> Getgid() gets the group id. And, it gets the *real*
>> group id, not the
>> effective group id, which is what running with
>> elevated group
>> privileges would change.
>>
>> Getuid() and geteuid() report the real and effective
>> user id, and you
>> can use setuid() to lower the privileges of a
>> running app, if you
>> need to.
>>
> Well, now I'm not sure that setuid() the right
> approach either. A quick test from the sub-task's
> output shows that
>
> NSLog(@"gid = %d", getgid());
>
> also shows 501.
Did you read the getgid() man page? Getgid() is *supposed* to return
the real group id, and that's what it's doing here. The real group id
is not what you want. You want the *effective* group id.
Actually, what you really want the effective *user* id. Why do you
keep using a function that's very clearly documented as returning
something other than what you want?
No offense intended, but at this point I agree with the others - if
you're doing this for self-education that's great, but if you're
going to distribute this to other people you *seriously* need to turn
this project over to someone who's more experienced with this kind of
thing. Security issues are not something you want to "learn on the job".
sherm--
Web Hosting by West Virginians, for West Virginians: http://wv-www.net
Cocoa programming in Perl: http://camelbones.sourceforge.net
DATE : Thu Jul 20 22:08:33 2006
On Jul 19, 2006, at 8:26 PM, Brad Peterson wrote:
Upside-down. How annoying.
> --- Sherm Pendley <<email_removed>> wrote:
>
>> On Jul 18, 2006, at 9:35 PM, Brad Peterson wrote:
>>
>>> I've confirmed that the sub-task isn't running as
>> root
>>> (though I don't know why that would make a
>> difference)
>>> by logging the results of a getgid() call. (501
>> was
>>> the result.)
>>
>> Getgid() gets the group id. And, it gets the *real*
>> group id, not the
>> effective group id, which is what running with
>> elevated group
>> privileges would change.
>>
>> Getuid() and geteuid() report the real and effective
>> user id, and you
>> can use setuid() to lower the privileges of a
>> running app, if you
>> need to.
>>
> Well, now I'm not sure that setuid() the right
> approach either. A quick test from the sub-task's
> output shows that
>
> NSLog(@"gid = %d", getgid());
>
> also shows 501.
Did you read the getgid() man page? Getgid() is *supposed* to return
the real group id, and that's what it's doing here. The real group id
is not what you want. You want the *effective* group id.
Actually, what you really want the effective *user* id. Why do you
keep using a function that's very clearly documented as returning
something other than what you want?
No offense intended, but at this point I agree with the others - if
you're doing this for self-education that's great, but if you're
going to distribute this to other people you *seriously* need to turn
this project over to someone who's more experienced with this kind of
thing. Security issues are not something you want to "learn on the job".
sherm--
Web Hosting by West Virginians, for West Virginians: http://wv-www.net
Cocoa programming in Perl: http://camelbones.sourceforge.net
