gpg in CGI script

Stefan Suurmeijer
Thu, 6 Jul 2000 18:58:07 +0200 (CEST)

On Thu, 6 Jul 2000, Werner Koch wrote:

> From my understanding about the problem this code (from 1.0.1h)
> if( setuid( uid ) || getuid() != geteuid() || !setuid(0) )
> log_fatal("failed to reset uid: %s\n", strerror(errno));
> is a safeguard against the faulty setcap implementation. The
> term "|| !setuid(0)" should always be false unless someone tries
> the setcap exploit, in which case the setuid(0) will succeed. Note,
> this code is not used when running as root.

Hmm. Am I reading this wrong? I'm no C expert, but shouldn't the negation be removed ( || setuid(0) as opposed to || !setuid(0)) ? If the setcap exploit is used and setuid(0) succeeds, you want the if loop to be TRUE, right?

I just tried to implement the sendmail solution (see below) into secmem.c (BTW, this didn't include the above check, although I downloaded my current version just two weeks ago. When did 1.0.1h become available?)

---> snip
The sendmail patch attempts a setuid(0) after a setuid(getuid()); under normal circumstances this should fail (unless of course the real uid is root). If this setuid(0) succeeds, then the kernel has failed to properly give up permissions and sendmail will refuse to continue running.
---> endsnip
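
The check under discussion, as an added C example that is not part of either message or of the GnuPG source. It evaluates the quoted condition case by case, using the fact that setuid() returns 0 on success and -1 on failure; the names `drop_failed` and `drop_and_verify` and the sample uid 1000 are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Evaluates the quoted condition on recorded results. setuid() returns
 * 0 on success and -1 on failure, so "!rc_regain" is true exactly when
 * the attempt to regain root SUCCEEDED. Returns 1 if the caller must abort. */
static int drop_failed(int rc_drop, uid_t ruid, uid_t euid, int rc_regain)
{
    return rc_drop != 0      /* setuid(uid) itself failed           */
        || ruid != euid      /* real and effective uid still differ */
        || !rc_regain;       /* setuid(0) worked: root came back    */
}

/* Drops a setuid-root process to its real uid and verifies the drop is
 * permanent. Returns 0 if privileges are gone for good, -1 otherwise. */
static int drop_and_verify(void)
{
    uid_t uid = getuid();
    if (uid == 0)
        return 0;            /* genuinely root: the check does not apply */

    int rc_drop = setuid(uid);
    uid_t r = getuid(), e = geteuid();
    /* As in the original short-circuit, only probe setuid(0) when the
     * first two tests passed. */
    int rc_regain = (rc_drop == 0 && r == e) ? setuid(0) : -1;
    return drop_failed(rc_drop, r, e, rc_regain) ? -1 : 0;
}

int main(void)
{
    /* Constructed cases: uid 1000 is an arbitrary unprivileged user. */
    printf("clean drop, setuid(0) fails    -> abort=%d\n",
           drop_failed(0, 1000, 1000, -1));
    printf("kernel lets setuid(0) succeed  -> abort=%d\n",
           drop_failed(0, 1000, 1000, 0));
    printf("euid still 0 after the drop    -> abort=%d\n",
           drop_failed(0, 1000, 0, -1));

    if (drop_and_verify() != 0) {
        fprintf(stderr, "failed to reset uid\n");
        return 1;
    }
    puts("privileges dropped and verified");
    return 0;
}
```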
