SUMMARY: How to set file creation mask for a process?

From: John Black (black_zero@usa.net)
Date: Mon Oct 11 1999 - 10:21:44 CDT


Hi,
Thank you very much to those who responded.

Many thanks to:

        Douglas Palmer <palmer@nyed.uscourts.gov>
        Patrick Hooper <phooper@nebs.com>
        yann@veritel.com.br
        "Martin Carpenter" <martincarpenter@hotmail.com>
        Stefan Voss <s.voss@terradata.de>
        James Mularadelis <james.mularadelis@bms.com>
        Renny Koshy <renny@visualsoft.com>
        "David Evans" <DJEVANS@au.oracle.com>
        Paul Hart <hart@iserver.com>
        "Kevin P. Inscoe" <kevin@inscoe.org>
        Craig Raskin <raskin@compusec.org>
        mcferren@colltech.com
        Alan Orndorff <dwarfie@mindspring.com>
        James Ford <jford@tusc.net>
        Adam and Christine Levin <levins@westnet.com>
        Jochen Bern <bern@TI.Uni-Trier.DE>

And Special thanks to:

        Casper Dik <casper@holland.sun.com>
        "John Nield" <jnield@impole.com>
        David Mitchell <davem@fdgroup.co.uk>
        Nils <nils@bourbon.propertymall.com>

who gave the most to-the-point replies. Special thanks to Mr. Casper Dik, who
explained with examples how to fix the problem. Here is the final remedy:

I have replaced the 'system("/bin/chmod 400 /etc/shadow");' call with
chmod("/etc/shadow", 0400); and it worked fine.

By invoking the system("/bin/umask 400"); command, I was actually defining
the mask of a subshell and not of the actual program. Each system() call set
the umask etc. only for the child shell and did not affect the parent process.
I also believe that the web server did not allow the child process of a
set-UID parent to be set-UID. That is why the command
system("chmod 400 /etc/shadow"); did not change the permissions: the
sub-shell in which this command was invoked was not running set-UID to
root.

Mr. Casper also advised using the open() function call to create the
temporary file, as given below:

#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* mode 0400 is applied at creation; a umask of 077 or 066 leaves it untouched */
int fd = open("/etc/shadow.tmp", O_WRONLY|O_TRUNC|O_CREAT, 0400);
if (fd < 0) { perror("open"); return 1; }

FILE *M = fdopen(fd, "w");
if (M == NULL) { perror("fdopen"); close(fd); return 1; }

......

Thanks a lot once again.

John Black

My original question was:
I am talking about Sun Netra i150 Internet server using Solaris 7 and running
apache 1.3. My users change their passwords from the web page using a cgi
called 'pass.cgi'(written in ANSI C). When they submit their old and new
passwords via a Form then this cgi creates a temporary file 'etc/shadow.tmp'
using fopen():

M = fopen("/etc/shadow.tmp", "w");   /* created as 0666 & ~umask */
if (M == NULL) {                     /* must come before flockfile(M): it dereferences M */
printf("System Busy... Try again...\n");
......................
}
flockfile(M);
................

Now this file is created with permissions -rw-rw-rw-. Later on this file is
updated with the user passwords and then it is renamed to '/etc/shadow' using
rename():

rename("/etc/shadow.tmp", "/etc/shadow");

So the new shadow file has the same permissions -rw-rw-rw- which is not
acceptable.
I tried to incorporate the following line in the pass.cgi:

system("/usr/bin/chmod 400 /etc/shadow");

This line was added just after shadow.tmp was renamed to /etc/shadow
(and after the funlockfile command), but it does not change the shadow file
permissions to 400; rather, my web server apache error log shows:

chmod: WARNING: can't change /etc/shadow

Alternatively, I renamed this cgi to pass1.cgi and created a shell script
pass.cgi:

#!/bin/sh
touch /etc/shadow.tmp
chmod 400 /etc/shadow.tmp
/usr/local/apache/share/cgi-bin/pass1.cgi

but then I get the error in apache error log:
touch: /etc/shadow.tmp cannot create

So the problem is that the temporary file shadow.tmp has the wrong
permissions because the umask is not appropriate. I tried to execute:
system("/bin/umask 066");
but it also does not work. If I manually execute this cgi from the console, then
the newly incorporated commands work fine (i.e. chmod changes the permissions
of the shadow file), but obviously a core is dumped as there is no FORM data
posted. But when the same cgi is executed from an http FORM, then chmod gives
the error indicated above.

Please advise me on how to create the temporary file with appropriate
permissions. The pass.cgi is owned by root:other and its permissions are
-rwsr-xr-x.

Please advise me:
1) Will the problem be rectified by specifying umask=077 in the
/etc/default/login file?
2) Why does the chmod command not work?
3) If you think that I should use open() or creat() instead of/in addition to
fopen(), then please send me example code for these calls.

Thank you very much to those who have taken time to write to me so far.
I will summarize.

Thanks in advance,

John Black

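The following is an added example, not code from the original message or from any of the respondents. It reproduces the three situations the summary describes, in a scratch directory under /tmp (an assumption of the example; it never touches /etc and runs as an ordinary user): a umask set through system() that does not reach the parent, umask(2) called in the process itself, and Casper Dik's open()-with-explicit-mode approach followed by rename(). Two hardening steps are added that the page does not show and that are the example's own: O_EXCL, so a pre-existing file or symlink at the temp path is refused rather than truncated and followed, and fchmod() on the open descriptor, because the mode argument of open() is itself filtered through the umask. The shadow line written to the file is constructed sample data.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of the file at path, or -1 if it cannot be stat'ed. */
static int mode_bits(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}

/* Run fn(dir) inside a fresh scratch directory (hypothetical location
 * under /tmp, never /etc), then delete the two files it may have left. */
static int in_scratch_dir(int (*fn)(const char *dir))
{
    char dir[] = "/tmp/umask-demo-XXXXXX";
    char p[sizeof dir + 16];
    if (mkdtemp(dir) == NULL)
        return -1;
    int r = fn(dir);
    snprintf(p, sizeof p, "%s/shadow.tmp", dir);
    unlink(p);
    snprintf(p, sizeof p, "%s/shadow", dir);
    unlink(p);
    rmdir(dir);
    return r;
}

/* Case 1: what the original pass.cgi did. The umask builtin runs in a
 * child /bin/sh, so the parent's creation mask is untouched and fopen()
 * still creates the file as 0666 & ~022 = 0644. */
static int case_system_umask(const char *dir)
{
    char p[300];
    snprintf(p, sizeof p, "%s/shadow.tmp", dir);
    umask(022);                              /* known starting mask */
    if (system("umask 077") != 0)
        return -1;
    FILE *f = fopen(p, "w");
    if (f == NULL)
        return -1;
    fclose(f);
    return mode_bits(p);
}
int demo_system_umask(void) { return in_scratch_dir(case_system_umask); }

/* Case 2: umask(2) called in this process does take effect: 0666 & ~077 = 0600. */
static int case_umask_call(const char *dir)
{
    char p[300];
    snprintf(p, sizeof p, "%s/shadow.tmp", dir);
    mode_t old = umask(077);
    FILE *f = fopen(p, "w");
    umask(old);
    if (f == NULL)
        return -1;
    fclose(f);
    return mode_bits(p);
}
int demo_umask_call(void) { return in_scratch_dir(case_umask_call); }

/* Case 3: the remedy from the summary, with two hardening steps added here:
 * O_EXCL refuses a pre-existing file or symlink at the temp path, and
 * fchmod() pins the mode exactly (open()'s mode argument is itself masked
 * by the umask). rename() keeps the inode, so the 0400 survives it. */
static int case_open_rename(const char *dir)
{
    char tmp[300], final[300];
    snprintf(tmp, sizeof tmp, "%s/shadow.tmp", dir);
    snprintf(final, sizeof final, "%s/shadow", dir);

    int fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0400);
    if (fd < 0)
        return -1;
    if (fchmod(fd, 0400) != 0) { close(fd); unlink(tmp); return -1; }

    FILE *m = fdopen(fd, "w");             /* the fd stays writable even though the mode is 0400 */
    if (m == NULL) { close(fd); unlink(tmp); return -1; }
    fputs("root:*LK*:10970::::::\n", m);   /* constructed sample shadow line */
    if (fflush(m) != 0 || fsync(fd) != 0) { fclose(m); unlink(tmp); return -1; }
    fclose(m);                             /* also closes fd */

    if (rename(tmp, final) != 0) { unlink(tmp); return -1; }
    return mode_bits(final);
}
int demo_open_rename(void) { return in_scratch_dir(case_open_rename); }

int main(void)
{
    printf("system(\"umask 077\") + fopen : %04o\n", demo_system_umask());
    printf("umask(077) + fopen          : %04o\n", demo_umask_call());
    printf("open(..., 0400) + rename     : %04o\n", demo_open_rename());
    return 0;
}
```

Running it as any user prints 0644, 0600 and 0400 for the three cases. Apart from the umask point, calling system() from a set-UID root program is best avoided altogether: it runs /bin/sh with the caller's environment (PATH, IFS and so on) under whatever privilege the child ends up with, which is exactly the uncertainty the summary describes. Doing the work with chmod(2), umask(2) and open(2) directly, as the final remedy does, removes the shell from the picture.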



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:28 CDT