1819796
Members
3120
Online
109607
Solutions
SOLVED
Hi Rod,
I thought about suggesting something similar to your approach, but the one thing I was concerned about was:
Set the permissions on "sux" to
r-sr-xr-x.
Wouldn't this cause the "sux" program to take on the effective uid of the listed owner of the "sux" binary itself? I think in the su case, it is really helpful to know the real user id of the user who issued the su command. I'm wondering if doing this setuid approach would cause all su logging messages in /var/adm/syslog/syslog.log to indicate that whichever user is listed as the owner of the "sux" program would be considered the user who did the su, as opposed to the real user who ran the "sux" program.
Does this make sense? Am I totally off base here (very likely)? I'd just want to ensure that from an auditing/logging standpoint whatever workaround is used would still log the su command as the real user who issued the "sux" command.
I suppose the "sux" C program could call getuid or geteuid to retrieve the uid/euid of the calling user and then use that information when calling the real su command, and that way it would ensure that the user has permissions to use the su command and switch to the user they're requesting, or gets prompted for a password for the new user. Also, this would hopefully cause the su logging to accurately reflect the user who issued the command.
Again, I could be raising a bogus issue, but the setuid stuff concerns me a bit.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
I thought about suggesting something similar to your approach, but the one thing I was concerned about was:
Set the permissions on "sux" to
r-sr-xr-x.
Wouldn't this cause the "sux" program to take on the effective uid of the listed owner of the "sux" binary itself? I think in the su case, it is really helpful to know the real user id of the user who issued the su command. I'm wondering if doing this setuid approach would cause all su logging messages in /var/adm/syslog/syslog.log to indicate that whichever user is listed as the owner of the "sux" program would be considered the user who did the su, as opposed to the real user who ran the "sux" program.
Does this make sense? Am I totally off base here (very likely)? I'd just want to ensure that from an auditing/logging standpoint whatever workaround is used would still log the su command as the real user who issued the "sux" command.
I suppose the "sux" C program could call getuid or geteuid to retrieve the uid/euid of the calling user and then use that information when calling the real su command, and that way it would ensure that the user has permissions to use the su command and switch to the user they're requesting, or gets prompted for a password for the new user. Also, this would hopefully cause the su logging to accurately reflect the user who issued the command.
Again, I could be raising a bogus issue, but the setuid stuff concerns me a bit.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
