Disabling setuid in vm when playing messages
Stefan Haller (stefan.haller@ascom.ch)
Fri, 28 Jan 2000 11:39:35 +0100
Hi
Marc SCHAEFER wrote:
> Stefan Haller <stefan.haller@ascom.ch> wrote:
> > I'm using vm to send voicemails. Every user on the machine should be
> > able to send those messages. It seems that it is not possible to disable
> > the setuid-stuff when a file is played. I deleted the entries in the
> > config file once, but without much luck.
>
> Why not write a small perl wrapper that would check the file, phone
> number, and be suid root?
>
> Setting the suid bit to the vm program means the user can also record,
> control the modem, etc.
Good idea. But vm tells me now the following:
Insecure $ENV{PATH} while running setuid at /dev/fd/4 line 7.
Insecure $ENV{CDPATH} while running setuid at /dev/fd/4 line 7.
Ok, I set those two environment variables in the wrapper to "".
A new message appears now:
Insecure dependency in system while running setuid at /dev/fd/6 line 7.
The /dev/fd/4 or 6 is not the root of the evil. It seems that vm is
unable to print the right filename. I don't know why it thinks
that /dev/fd/* files are scripts to execute. But it's a matter of fact
that the right filename was never printed on my machine. Although, it
always worked with the exception of the user permissions.
> > This is a problem for me since vm dies when it cannot change its uid to
> > that one defined in voice.conf. I tried to set the setuid-flag for vm so
>
> set that uid to 0 could fix the problem.
If I use the same uid as the executing user, it works. And I think it will
if I can execute vm with the setuid-wrapper.
I tried setuid root and setuid to an ordinary user with the wrapper. I
have made an ordinary user which I would like to use for vm instead of
using root. But this does not make a difference.
> > I'm using vm of the mgetty 1.1.21 package on Solaris 2.6.
>
> You could try to revert access.c to an older version (e.g. 1.1.19).
> But I doubt it would be more secure.
I now use vm 1.1.19 and it works fine for me, at least for the next
weeks.
Thanks
Stefan
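
The "Insecure $ENV{PATH}" and "Insecure dependency in system" messages quoted above are Perl's taint checks, which are switched on automatically for a setuid script. The following is an added example, not code from this thread or from mgetty, of a wrapper that satisfies those checks while exposing only two vm subcommands. The vm path, the message directory, and the "play FILE" / "dial NUMBER" argument layout are assumptions to adjust locally.

```perl
#!/usr/bin/perl -T
# Added example (not from the original thread): setuid wrapper that passes
# Perl's taint checks. Paths and the vm argument layout are assumptions.
use strict;
use warnings;

my $VM        = '/usr/local/bin/vm';          # assumed install path
my $VOICE_DIR = '/var/spool/voice/messages';  # assumed message directory

# Taint mode refuses to run external programs with an inherited
# environment: pin PATH to a fixed value and drop the other variables.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Untaint by regex capture: only the captured $1 is trusted.
sub check_file {
    my ($name) = @_;
    # Bare file name: no slash, no leading dot or dash, bounded length.
    return unless defined $name
        && $name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/;
    my $path = "$VOICE_DIR/$1";
    return if -l $path || !-f $path;   # regular file, not a symlink
    return $path;
}

sub check_number {
    my ($num) = @_;
    return unless defined $num && $num =~ /\A([0-9]{3,20})\z/;
    return $1;
}

# Only these vm subcommands are exposed; record, shell, etc. are not.
my %ALLOWED = (play => \&check_file, dial => \&check_number);

sub build_command {
    my ($sub, $arg) = @_;
    my $check = defined $sub ? $ALLOWED{$sub} : undef;
    die "usage: $0 play FILE | dial NUMBER\n" unless $check;
    my $clean = $check->($arg);
    die "rejected argument for '$sub'\n" unless defined $clean;
    # Take the subcommand from our own table keys (hash keys are never
    # tainted), so every element passed to exec is untainted.
    my ($verb) = grep { $_ eq $sub } keys %ALLOWED;
    return ($VM, $verb, $clean);
}

# List-form exec bypasses the shell, so no metacharacter is interpreted.
unless (caller) {
    my @cmd = build_command(@ARGV);
    exec { $cmd[0] } @cmd or die "exec $VM failed: $!\n";
}
```

Setting PATH to a fixed directory list rather than "" keeps the taint check satisfied and still lets any helper that vm runs be found in known locations.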