[opensuse-security] 11.4: suid ignored?
Hi,

for the last hours, I'm pulling my last hairs off :-( Opensuse 11.4, I cannot get innd running.

"strace -f -o /tmp/foo /etc/init.d/innd start" tells me that inndstart fails to load (output from strace):

11887 execve("/usr/lib/news/bin/innbind", ["/usr/lib/news/bin/innbind", "15,2,0.0.0.0,119"], [/* 187 vars */]) = 0
[...]
11887 getuid32() = 9
11887 geteuid32() = 9
11887 getsockopt(15, SOL_SOCKET, SO_TYPE, [1], [4]) = 0
11887 bind(15, {sa_family=AF_INET, sin_port=htons(119), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EACCES (Permission denied)

9 is the id of the user "news". /usr/lib/news/bin/innbind has suid set:

-r-sr-xr-- 1 root news 59196 Feb 18 22:05 /usr/lib/news/bin/innbind

I understand the user news is not allowed to open ports <1024, therefore the suid bit. But it seems to be ignored completely? Maybe I do not see the forest for the trees - any hint is highly appreciated.

Thank you,
Rainer

--
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org
On Thu, Apr 14, 2011 at 01:46:31PM +0200, Rainer Sokoll wrote:
Hi,
for the last hours, I'm pulling my last hairs off :-( Opensuse 11.4, I cannot get innd running.
"strace -f -o /tmp/foo /etc/init.d/innd start" tells me that inndstart fails to load (output from strace):
11887 execve("/usr/lib/news/bin/innbind", ["/usr/lib/news/bin/innbind", "15,2,0.0.0.0,119"], [/* 187 vars */]) = 0
[...]
11887 getuid32() = 9
11887 geteuid32() = 9
11887 getsockopt(15, SOL_SOCKET, SO_TYPE, [1], [4]) = 0
11887 bind(15, {sa_family=AF_INET, sin_port=htons(119), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EACCES (Permission denied)
9 is the id of the user "news". /usr/lib/news/bin/innbind has suid set:
-r-sr-xr-- 1 root news 59196 Feb 18 22:05 /usr/lib/news/bin/innbind
I understand the user news is not allowed to open ports <1024, therefore the suid bit. But it seems to be ignored completely? Maybe I do not see the forest for the trees - any hint is highly appreciated.
setuid does not work when a program is run with strace.

Are there errors without strace? In the logfiles?

ciao, Marcus
On 4/14/11 3:49 PM, Marcus Meissner wrote:
setuid does not work when a program is run with strace.
OMG. I was not aware of this. You saved lots of time :-)
Are there errors without strace? In the logfiles?
Yes, without strace, I get a segfault. But this is not the topic of this list.

Thank you again!
Rainer
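The behaviour Marcus describes can be confirmed from inside the binary itself: when an unprivileged tracer such as strace is attached, the kernel does not apply the setuid bit at execve, which is why the trace shows getuid32() and geteuid32() both returning 9. The following diagnostic is an added example, not part of the thread and not INN code; the function names are hypothetical, and the NoNewPrivs and nosuid cases go beyond what the thread discusses.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Read one numeric field (e.g. "TracerPid") from the text of
 * /proc/<pid>/status. Returns -1 when the field is not present. */
long status_field(const char *status, const char *key)
{
    size_t klen = strlen(key);
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == ':')
            return strtol(p + klen + 1, NULL, 10);
        p = strchr(p, '\n');   /* advance to the start of the next line */
        if (p)
            p++;
    }
    return -1;
}

/* Name the likely reason a setuid file ran without its owner's uid. */
const char *diagnose(mode_t mode, uid_t owner, uid_t euid, const char *status)
{
    if (!(mode & S_ISUID) || owner == euid)
        return "ok";                 /* no setuid bit, or it was honoured */
    if (status_field(status, "TracerPid") > 0)
        return "traced";             /* strace/gdb attached: setuid skipped */
    if (status_field(status, "NoNewPrivs") == 1)
        return "no_new_privs";       /* PR_SET_NO_NEW_PRIVS set by a parent */
    return "other";                  /* for example a nosuid mount */
}

int main(void)
{
    char buf[4096];
    struct stat st;
    FILE *f = fopen("/proc/self/status", "r");
    if (!f || stat("/proc/self/exe", &st) != 0) {
        perror("setup");
        return 2;
    }
    buf[fread(buf, 1, sizeof buf - 1, f)] = '\0';
    fclose(f);
    printf("uid=%d euid=%d cause=%s\n", (int)getuid(), (int)geteuid(),
           diagnose(st.st_mode, st.st_uid, geteuid(), buf));
    return 0;
}
```

Built and installed with the same owner and mode as the binary under test, it prints cause=ok when started normally and cause=traced when started under strace by a non-root user.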