HPE Community
Operating System - HP-UX
1827464 Members
5008 Online
109965 Solutions
New Discussion

Re: setuid script and remsh

 
Marc Ahrendt
Super Advisor

‎10-08-2004 05:08 AM

‎10-08-2004 05:08 AM

setuid script and remsh

why isn't the following working

ls -al frog
-rwsr-xr-x 1 wsm users 104 Oct 8 09:54 frog
cat frog
#!/bin/sh
echo id
id
echo who am i
who am i
echo whoami
whoami
remsh hulk -l wsm -n "uname -a"
./frog
id
uid=206(mahrendt) gid=200(dba) euid=210(wsm) groups=121(sysadmA),201(docctrl)
who am i
mahrendt ttyrc Oct 8 09:52
whoami
wsm
remshd: Login incorrect
NOTE: the .rhosts file for wsm on hulk has the following entry
+ wsm

my goal is to have everyone be able to run frog ...allowing them to access hulk as wsm to run a script on hulk as wsm (just using uname as an example above)

why isn't SETUID working? is remsh not fooled by SETUID? i really would like to use SETUID.
hola
0 Kudos
Reply
13 REPLIES 13
Muthukumar_5
Honored Contributor

‎10-08-2004 05:34 AM

‎10-08-2004 05:34 AM

Re: setuid script and remsh

what is there in /etc/hosts.equiv file in remote host of hlk there. Are you have same entries as,

localhost

$wsmhomedirectory/.rhosts
+ hulk

Check the permission of files there too.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Sundar_7
Honored Contributor

‎10-08-2004 05:47 AM

‎10-08-2004 05:47 AM

Re: setuid script and remsh

Marc,

I believe this is the way how remsh works.

I was not able to get this working too.

Will the script code be changing often ? - If not, may be you can try this in C.

setuid() to user wsm.

and execute the script


#include
main()
{
setuid(210);
system("/usr/bin/remsh hulk -l wsm <script>");
}
- Sundar.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Marc Ahrendt
Super Advisor

‎10-08-2004 06:54 AM

‎10-08-2004 06:54 AM

Re: setuid script and remsh

Muthukumar ...thx, but /etc/hosts.equiv is superseded by .rhosts settings and .rhosts for user wsm on hulk is setup correctly

Sundar ...thx, i actually got it to work by doing what you said (i copied your C code and actually made the binary owned by root with permissions 4555)

my final question is how can i pass command line arguments to the C program so that it in turn passes them to the remsh command ...basically the script on the remote machine takes several arguements like the following

script "arg 1" arg2 "agr thr ee" ...need to preserve the quotes since some arguements have spaces
hola
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-08-2004 07:03 AM

‎10-08-2004 07:03 AM

Re: setuid script and remsh

As a user wsm log onto hulk. (user plain/old telnet) Once you login, do a who -um.

What appears in the last column??? The same ip address/hostname needs to be put in $HOME/.rhosts file of wsm user on hulk.

Should somthing like as follows. also check the perms on .rhosts file. Should read for owner.

ip_address/hostname wsm

Try this and post.

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎10-08-2004 08:19 AM

‎10-08-2004 08:19 AM

Re: setuid script and remsh

In order for remsh to work. .rhosts MUST be 600 permission and both computers must be able to resolve each other both by name and by IP using nslookup. Your DNS server may be missing reverse lookup records.


Bill Hassell, sysadmin
0 Kudos
Reply
Marc Ahrendt
Super Advisor

‎10-08-2004 09:50 AM

‎10-08-2004 09:50 AM

Re: setuid script and remsh

RAC & Bill ...thx, but it is not a .rhosts or a hostname resolution problem (i got a handle on those issues). Sundar was able to reproduce my situation ...seems that remsh is not fooled by the SETUID bit

however, if i use Sundar's C code it works

vi frogC.c (add his code)
cc -o frogC frogC.c
chown root frogC
chmod 4555 frogC
now when people run frogC the system treats them as being "wsm" and so the remsh works to the remote system hulk

i haven't used C in a long time and only now just need to know how to pass command line arguments in C to the remsh command in frogC
hola
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-08-2004 09:57 AM

‎10-08-2004 09:57 AM

Re: setuid script and remsh

Did you try the solution I gave?? I do think that this is host resolution/wrong set up of .rhosts file.

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
Sundar_7
Honored Contributor

‎10-08-2004 10:21 AM

‎10-08-2004 10:21 AM

Re: setuid script and remsh

Anil et all,

If .rhosts is the issue, when remsh is executed from C excerpt, it wont work either.

So, believe me, it is not an issue with .rhosts file :-)

I may not be able to explain why remsh is not taking the setuid bit, but I was able to reproduce the problem.

Marc: I am not good at C. I can show you how to pass command line arguments.

#include
#include
#include
#include
main(int argc,char **argv)
{
int i;
char *parms;
for(i=1;i<=argc;i++)
{
strcat(parms,argv[i]);
strcat(parms," ");
}
setuid(45906);
execl("/usr/bin/sh", "sh", "-c", "remsh hulk -l wsm <script>",parms,0);
}

The above program is core dumping for whatever reasons - I am sure you can take it from there :-)

- Sundar
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-08-2004 10:35 AM

‎10-08-2004 10:35 AM

Re: setuid script and remsh

Sundar,

I am also not very good at c/c++. I read the posting again. I still believe, he need to prepare the .rhosts fil on hulk as follows.

With perms 600.

"ip_address_of_the machine_he_is_executing_the_script_on" wsm

I do not have machine at hand the moment to try this out.

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
Gary L. Paveza, Jr.
Trusted Contributor

‎10-10-2004 11:49 PM

‎10-10-2004 11:49 PM

Re: setuid script and remsh

My understanding is that HPUX SETUID on a script, but will execute a SETUID binary.
0 Kudos
Reply
Gary L. Paveza, Jr.
Trusted Contributor

‎10-11-2004 11:33 PM

‎10-11-2004 11:33 PM

Re: setuid script and remsh

NO points please. The above should read HPUX ignores SETUID on a script, but executes it on a binary.
0 Kudos
Reply
Dietmar Konermann
Honored Contributor

‎10-12-2004 12:35 AM

‎10-12-2004 12:35 AM

Re: setuid script and remsh

Hi, folks!

Just my two cents... :-)
The "SETUID" for scripts traditionally works on HP-UX if the interpreter is specified (#!/usr/bin/sh e.g.).

However, beginning with 11.22 there is a kernel tunable secure_sid_scripts to disable this feature.

But this is not the point here. Inside a suid script only your effective user id (euid) gets changed, but not your real user id which is used by remsh. To change also the ruid you need to use setresuid(2).

I attached a sample C wrapper which should help (and passes arguments also).

Best regards...
Dietmar.
"Logic is the beginning of wisdom; not the end." -- Spock (Star Trek VI: The Undiscovered Country)
0 Kudos
Reply
Dietmar Konermann
Honored Contributor

‎10-12-2004 01:12 AM

‎10-12-2004 01:12 AM

Re: setuid script and remsh

Oops, attached the wrong file. Pls use this one.
"Logic is the beginning of wisdom; not the end." -- Spock (Star Trek VI: The Undiscovered Country)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.