Operating System - HP-UX

ifconfig or "other" nic config command(s)

 
SOLVED
john guardian
Super Advisor

ifconfig or "other" nic config command(s)

"ifconfig lan0 up/down" works, as always, for root, yet does not for a non-root user. One of the admins asked me why it didn't since the cmd mode is set to 555. While I know this is a cmd that requires a priv user, exactly what prevents the non-root user from executing the above command? I believe they said they rx'd an error like a "must be root" message when they tried it as non-root.

Thx.
Patrick Wallek
Honored Contributor
Solution

Re: ifconfig or "other" nic config command(s)

I believe there is a check built into the command to determine if one is root or, possibly more accurately, a user with a UID of 0.
Patrick Wallek
Honored Contributor

Re: ifconfig or "other" nic config command(s)

To elaborate after some tests -- There are some functions of the ifconfig command that do NOT require root access.

For example, I can do 'ifconfig lan1' as a normal user to see how the NIC is set up.

However, if I do 'ifconfig lan1 up' as a normal user I get the "permission denied" error.

So, depending on what exactly you are trying to do, it may or may not check to see if you are root. If it is a function that could change a configuration or take the NIC up or down, root would likely be required.

Re: ifconfig or "other" nic config command(s)

There are 2 forms to the ifconfig command - an "informational" form and a "configuration" form. For the "informational" form, that needs to work for any user, so you will find:

ifconfig lan0

works as any user, but

ifconfig lan0 up

only works as root.

So the command needs to be executable by any user, but you don't want any user being able to change IP addresses, so the code for ifconfig no doubt has a check for the effective user ID of the user in it, only allowing UID 0 to make changes...

HTH

Duncan

I am an HPE Employee
Dennis Handly
Acclaimed Contributor

Re: ifconfig or "other" nic config command(s)

>so the code for ifconfig no doubt has a check for the effective user ID of the user in it,

In this case there is no need for that check since it isn't a setuid program. The standard permissions on the devices are what give that error.
But ifconfig does call getuid(2) if only to give a nicer error message.
Matti_Kurkela
Honored Contributor

Re: ifconfig or "other" nic config command(s)

> While I know this is a cmd that requires a priv user, exactly what prevents the non-root user from executing the above command?

Some system calls are restricted to privileged users only. When such a system call is made, the kernel checks the identity of the caller process. If the process does not have the necessary privileges, the kernel will immediately return a "permission denied" error code to the calling program instead of doing the requested action.

Originally, this restriction was solely based on whether the user is root or not. However, with RBAC, it's possible to assign some users the privilege to use some sub-set of the restricted system calls.

Before RBAC and similar fine-grained privilege systems, the original Unix way to allow some unprivileged user to use some privileged system call was to make a program that checks the user's identity, makes some independent checks as to whether this particular user is authorized to do the requested action or not, and acts accordingly. This program would then be given "setuid root" permission, to allow it to run the requested system call as root - if and only if the user passes the security checks built into the program itself.

A setuid root program has root privileges when it starts, but it still "knows" the identity of the user that started the program. For example, "passwd" is a setuid root program, but when it's used by a non-root user, it only allows the user to change his/her own password, not anybody else's. (For technical details, please read this: http://www.lst.de/~okir/blackhats/node23.html )

MK
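
The setuid-root wrapper pattern described in the post above, sketched as an added example; it is not part of the thread and not HP-UX source. The helper name `netif-toggle`, the UID allow-list and the `/usr/sbin/ifconfig` path are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumptions, not from the thread: helper name, UID allow-list, ifconfig path. */
#define IFCONFIG_PATH "/usr/sbin/ifconfig"
static const uid_t ALLOWED_UIDS[] = { 2001, 2002 };  /* constructed sample UIDs */

/* Accept only "lan" plus 1-3 digits (lan0, lan12); nothing else reaches exec. */
static int valid_ifname(const char *s)
{
    size_t n = s ? strlen(s) : 0;
    return n >= 4 && n <= 6 && strncmp(s, "lan", 3) == 0 &&
           strspn(s + 3, "0123456789") == n - 3;
}

/* Decide on the REAL uid: inside a setuid-root program the effective uid is
 * always 0 and says nothing about who started it.
 * Returns 0 if allowed, EINVAL for a malformed request, EPERM otherwise. */
int authorize(uid_t real_uid, const char *ifname, const char *action)
{
    size_t i;
    if (!valid_ifname(ifname) || action == NULL ||
        (strcmp(action, "up") != 0 && strcmp(action, "down") != 0))
        return EINVAL;
    for (i = 0; i < sizeof ALLOWED_UIDS / sizeof ALLOWED_UIDS[0]; i++)
        if (ALLOWED_UIDS[i] == real_uid)
            return 0;
    return real_uid == 0 ? 0 : EPERM;
}

int main(int argc, char **argv)
{
    int rc = (argc == 3) ? authorize(getuid(), argv[1], argv[2]) : EINVAL;
    if (rc != 0) {
        fprintf(stderr, "netif-toggle: %s\n", strerror(rc));
        return 1;
    }
    char *args[] = { "ifconfig", argv[1], argv[2], NULL };
    char *envp[] = { NULL };     /* empty environment: no inherited PATH etc. */
    /* The thread notes ifconfig calls getuid(2), so the real uid must be 0 too;
     * setuid(0) succeeds only when the helper is installed setuid root. */
    if (setuid(0) == 0)
        execve(IFCONFIG_PATH, args, envp);   /* absolute path, no shell */
    perror("netif-toggle");
    return 1;
}
```

Run without the setuid bit by an ordinary user, the helper stops at the authorization step with "Operation not permitted" and never reaches `execve`.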
Ismail Azad
Esteemed Contributor

Re: ifconfig or "other" nic config command(s)

Hi,

Adding to Matti's graceful explanation.. I'd like to add a part to the system calls... Sometimes, it is not enough to audit a command because as a malicious user someone would create a symbolic link between dir and ls and a dir * would be seen as a relatively safe command but is doing something very destructive. That is where the whole point arises of auditing the system call as in this way you get to know what dir actually does.

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....