
List:       busybox
Subject:    Re: [PATCH] inetd as unprivileged user
From:       Denys Vlasenko <vda.linux () googlemail ! com>
Date:       2017-11-09 15:20:42
Message-ID: CAK1hOcMZ0621b39X7K3Zm2MYojOh6XhvDSU0wtip5XbAQxBDCA () mail ! gmail ! com

Fixed, thanks!

On Wed, Nov 1, 2017 at 3:19 AM, Jack Schmidt <busybox@mowsey.org> wrote:
> When I tried to use inetd as an unprivileged user on linux (4.9.x, x86_64, glibc or musl), I get:
> inetd: can't set groups: Operation not permitted
> 
> I believe the problem is line 1486, where it compares the desired uid to 0, rather than to the current uid, to decide whether to set groups.
> For example:
> 
> printf '127.0.0.1:3030 stream tcp nowait jack ./echo.sh' > inetd.conf
> printf '#!/bin/sh\necho ok\nsleep 1' > echo.sh
> chmod 755 echo.sh
> ./busybox inetd -e -f inetd.conf &
> nc 127.0.0.1 3030
> 
> With the patch, it echoes "ok".
> 
> Without the patch, inetd gives an error:
> 
> inetd: can't set groups: Operation not permitted
> 
> 
> Of course, to placate line 1486 one could use:
> 
> printf '127.0.0.1:3030 stream tcp nowait root ./echo.sh' > inetd.conf
> 
> but this results in the earlier error:
> 
> inetd: non-root must run services as himself
> 
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
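
The check discussed in this thread, as an added C illustration (not BusyBox source and not the applied patch): it contrasts the decision the report describes, which looks only at the desired uid, with one that also looks at the current uid. The names reported_check_sets_groups, plan_drop and drop_to are hypothetical.

```c
/* Added illustration, not BusyBox code; all names here are hypothetical. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum drop_plan { DROP_NOTHING, DROP_FULL, DROP_REFUSE };

/* Decision as described in the report: only the desired uid is examined, so an
 * unprivileged daemon asked to run a service as itself still tries to set groups. */
int reported_check_sets_groups(uid_t want_uid)
{
    return want_uid != 0;
}

/* Decision based on both the current and the desired uid. */
enum drop_plan plan_drop(uid_t real_uid, uid_t want_uid)
{
    if (want_uid == real_uid)
        return DROP_NOTHING;  /* already that user: no privileged calls needed */
    if (real_uid != 0)
        return DROP_REFUSE;   /* "non-root must run services as himself" */
    return DROP_FULL;
}

/* Apply the plan before exec'ing the service. Returns 0 on success, -1 on failure. */
int drop_to(const struct passwd *pw)
{
    switch (plan_drop(getuid(), pw->pw_uid)) {
    case DROP_NOTHING:
        return 0;
    case DROP_REFUSE:
        return -1;
    default:
        /* Order matters: supplementary groups, then gid, then uid last. */
        if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
        if (setgid(pw->pw_gid) != 0) return -1;
        if (setuid(pw->pw_uid) != 0) return -1;
        return setuid(0) == 0 ? -1 : 0;  /* regaining root means the drop failed */
    }
}

int main(void)
{
    printf("plan for running as self: %d\n", plan_drop(getuid(), getuid()));
    return 0;
}
```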

