
Erik Hahn 10-05-2008 09:01 PM

start-stop-daemon sets USER=root - expected behaviour?
 
On Sun, Oct 05, 2008 at 08:54:25PM +0200, Jil Larner wrote:
> You may wish to specify the --user parameter. As this tool is for system
> daemons (therefore located in /sbin), it seems obvious it starts daemons
> as root by default. I checked on my system and I don't have a setuid bit
> on this program, nor does it start any program when my wheel user
> executes the command. I've no error code, but no process is spawned.

It doesn't run the command as root but as normal user (it isn't setuid
either). All it does is set the *variables* $USER and $HOME to the
wrong values.

> If your non root user escalates privileges and is able to spawn a root
> process, *and* there is no setuid bit on /sbin/start-stop-daemon, you
> may file a bug, if you have a procedure to reproduce it ;) Honestly, as
> it is a quite old debian tool, I don't think it's buggy ;)

This implementation is not by Debian:

> This is a complete re-implementation with the process finding code in
> the OpenRC library (librc, -lrc) so other programs can make use of it.

-Erik

--
hackerkey://v4sw5hw2ln3pr5ck0ma2u7LwXm4l7Gi2e2t4b7Ken4/7a16s0r1p-5.62/-6.56g5OR

Jil Larner 10-06-2008 06:41 AM

Hi,

Erik Hahn wrote:
> It doesn't run the command as root but as normal user (it isn't setuid
> either). All it does is set the *variables* $USER and $HOME to the
> wrong values.
>
Oh, I read too quickly :x And by the way didn't give the right command
switches, which are --chuid, --user and --env. These should give you the
result you wish. Should the program automatically set correct home and
user? I'd say this could be great, so you may report it as a bug or,
more probably, as a feature request.


> This implementation is not by Debian:
>
>> This is a complete re-implementation with the process finding code in
>> the OpenRC library (librc, -lrc) so other programs can make use of it.

I didn't know. Where did you find this?

Thanks,
Jil

Erik Hahn 10-06-2008 11:43 AM

On Mon, Oct 06, 2008 at 08:41:58AM +0200, Jil Larner wrote:
> Hi,
>
> Erik Hahn wrote:
> > It doesn't run the command as root but as normal user (it isn't setuid
> > either). All it does is set the *variables* $USER and $HOME to the
> > wrong values.
> >
> Oh, I read too quickly :x And by the way didn't give the right command
> switches, which are --chuid, --user and --env. These should give you the
> result you wish. Should the program automatically set correct home and
> user? I'd say this could be great, so you may report it as a bug or,
> more probably, as a feature request.

No, it simply shouldn't change them, there's no reason to do that (to my
knowledge).

> > This implementation is not by Debian:
> >
> >> This is a complete re-implementation with the process finding code in
> >> the OpenRC library (librc, -lrc) so other programs can make use of it.
>
> I didn't know. Where did you find this?

Man page.

-Erik

--
hackerkey://v4sw5hw2ln3pr5ck0ma2u7LwXm4l7Gi2e2t4b7Ken4/7a16s0r1p-5.62/-6.56g5OR

Erik Hahn 10-06-2008 06:21 PM

On Mon, Oct 06, 2008 at 02:27:11PM +0200, Daniel Pielmeier wrote:
> 2008/10/6 Erik Hahn <erik_hahn@gmx.de>:
> > No, it simply shouldn't change them, there's no reason to do that (to my
> > knowledge).
>
> I think it is a big security issue if a normal user could start
> arbitrary daemons with root privileges. So you should file a bug at

It doesn't give anyone root privileges, it only sets wrong variables.

> I think only root should be able to execute start-stop-daemon and the
> user should be changed with the proper command line switches. I
> actually don't know if it is --chuid or --user as this has changed
> between old baselayout and new openrc.

Why's that? Running a program with user privileges is no security
problem at all.

-Erik

--
hackerkey://v4sw5hw2ln3pr5ck0ma2u7LwXm4l7Gi2e2t4b7Ken4/7a16s0r1p-5.62/-6.56g5OR

Daniel Pielmeier 10-06-2008 07:09 PM

Erik Hahn wrote on 06.10.2008 20:21:
> On Mon, Oct 06, 2008 at 02:27:11PM +0200, Daniel Pielmeier wrote:
>> 2008/10/6 Erik Hahn <erik_hahn@gmx.de>:
>>> No, it simply shouldn't change them, there's no reason to do that (to my
>>> knowledge).
>> I think it is a big security issue if a normal user could start
>> arbitrary daemons with root privileges. So you should file a bug at
>
> It doesn't give anyone root privileges, it only sets wrong variables.
>
>> I think only root should be able to execute start-stop-daemon and the
>> user should be changed with the proper command line switches. I
>> actually don't know if it is --chuid or --user as this has changed
>> between old baselayout and new openrc.
>
> Why's that? Running a program with user privileges is no security
> problem at all.

I got the intention the program is started with root privileges when
using start-stop-daemon.

Nevertheless I can reproduce your problem with the wrong variables. I
think it should set the variables appropriate for the user running
start-stop-daemon. So you should file a bug report about that.

Regards,

Daniel
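
The mismatch reported in this thread (a process running under an ordinary uid while $USER and $HOME name root) can be checked for mechanically. The following is an added example, not part of the thread or of OpenRC; the function names and the sample passwd entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a process whose USER/HOME variables name a
# different account than the uid it actually runs as.
# All function names are hypothetical.

# Constructed sample passwd data (not from a real system).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
erik:x:1000:1000:Erik:/home/erik:/bin/bash'

# passwd_field UID FIELDNO [PASSWD_TEXT]
# Print one field of the passwd entry whose uid matches.
passwd_field() {
    printf '%s\n' "${3:-$SAMPLE_PASSWD}" |
        awk -F: -v uid="$1" -v f="$2" '$3 == uid { print $f; exit }'
}

# check_identity_env UID USER_VALUE HOME_VALUE [PASSWD_TEXT]
# Echoes "ok" or a description of the mismatch.
# Returns 0 on match, 1 on mismatch, 2 if the uid has no passwd entry.
check_identity_env() {
    want_user=$(passwd_field "$1" 1 "$4")
    want_home=$(passwd_field "$1" 6 "$4")
    if [ -z "$want_user" ]; then
        echo "unknown uid $1"
        return 2
    fi
    status=0
    msg=""
    if [ "$2" != "$want_user" ]; then
        msg="USER=$2 (expected $want_user)"
        status=1
    fi
    if [ "$3" != "$want_home" ]; then
        msg="${msg:+$msg; }HOME=$3 (expected $want_home)"
        status=1
    fi
    [ "$status" -eq 0 ] && msg="ok"
    echo "$msg"
    return "$status"
}

# On a live system, compare the real environment with the passwd database:
#   check_identity_env "$(id -u)" "$USER" "$HOME" "$(getent passwd)"
```

Placed at the top of a script launched through a daemon wrapper, a check like this surfaces the inconsistency before the script trusts $HOME for config or key paths; the uid from `id -u` is the authoritative value, the variables are only hints.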

