search for: setuids

Hi, After upgrading to b95 of OSOL/Indiana, and doing a ZFS upgrade to the newer revision, all arrays I have using ZFS mirroring are displaying errors. This started happening immediately after ZFS upgrades. Here is an example: ormandj at neutron.corenode.com:~$ zpool status pool: rpool state: DEGRADED status: One or more devices has experienced an unrecoverable error. An attempt was

I seem to have stumbled across another vulnerability in DIP. It appears to allow any user to gain control of arbitrary devices in /dev. For instance, I have successfully stolen keystrokes from a root login as follows... (I could also dump characters to the root console) $ whoami cesaro $ cat < /dev/tty1 <------ root login here bash: /dev/tty1: Permission denied

Hello, I'm trying to export a /home/ partition for multiple users, using Samba and the setuids option. My goal is to deliver emails into $HOME/.Maildir/ for each user. So I mount the share as user "root", hoping that each user will be able to use their own home directory (just like an NFS /home/ mount). (This feature depends on the Unix extensions.) I have the following...

I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with "user" and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked

Running dovecot 1.2.4 on FreeBSD using Postfix. Everything works fine normally, but deliver is executable by world. This is not normally a problem, as I don't run deliver SetUID root. But for whatever reason, when deliver is called by something that IS SetUID root I get the following error: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This

All, Could someone explain the purpose of the uidswap functions with respect to ssh ( the client ). From what I gathered , ssh installs as setuid root and swaps ids when reading potential key files that may be read only by root. Also , I think when binding to a privileged port ssh swaps id. Is that so? What are the consequnences if you do not install ssh setuid root? ( As far I as know no uid

Hi. Does anyone use UsePrivilegedPort or have ssh(1) setuid, and if so for what use case? ssh(1) has had code in it to support installing setuid root since approximately forever, however OpenBSD has not shipped it in that configuration since 2002 (and I suspect these days no vendor does). As far as I can tell, all of the reasons for this no longer apply: - setuid root was needed to bind to a

Hi, When trying to connect the HyperVisor from a binary having setuid bit set , then I got following error: Unable to perform virConnectOpenReadOnly function error(internal error: libvirt.so is not safe to use from setuid programs) My test software config is the following : -rwsr-xr-x. 1 root root 3374956 Feb 4 13:45 test As this test software needs S bit to be able to access O.S.

Hi, I just configured my Postfix installation to deliver via Dovecot LDA. But because I use separate uids for virtual domains I had to set deliver to be setuid root. Altough I find this as frequent answer to this problem with deliver LDA I am not a 100% sure - basically because I try to avoid root setuids as much as I can. What should be better solution - to have all mailboxes with one owner or this setuid binary? My main reason for separate uids was filesystem quotas for whole domain. But my mail partition resides on XFS so I can do the same with directory quotas and I also noticed changes in quo...

Hi! I've set up postfix(2.4.1) + dovecot(1.0-cvs) + dovecot-lda(1.0-cvs). Dovecot's deliver is running as vmail:vmail (according to postfix's master.cf). Now the problem (when receiving mail): deliver(leva): auth input: leva deliver(leva): auth input: uid=8006 deliver(leva): auth input: gid=8000 deliver(leva): auth input: home=/var/mail/virtual/leva deliver(leva): setuid(8006)

Hi OpenSSH developers, I'm using OpenSSH on a daily basis and I'm very pleased with the work you've done. I am contributing to some Open Source software hosted at Savannah https://savannah.nongnu.org/projects/tsp and we recently hit some sftp unexpected behavior: https://savannah.gnu.org/support/?105838 when using chmod sftp client command it appears that setuid / setgid bits are

We have a large (20Gb, 250000 files) tree which needs to replicate across our WAN on a regular basis. We have been using a wrapper script around rsync to do this; the wrapper script runs setuid-root on a Solaris 8 server. However, we have on-going problems with files whose permissions don't replicate correctly. These file permissions are the REAL problem; if the permissions aren't

Hi, many people are having problems using SFTP with ChrootDirectory when the jail directory (or the path above) is not owned by root. The question is if chroot'ing to usual home directories can be allowed, even though they are owned by regular users. I know that this topic has been discussed on the list several times now, so I searched the list archives for posts that invalidate the

> On 24 May 2019 17:11 Steven Smith via dovecot <dovecot at dovecot.org> wrote: > > > I?m trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user: > > > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with

I'm trying to create a setuid Perl script (yes, I am aware about the security implications), but am getting this error: % cat testsetuid.pl #!/usr/bin/perl -UT print "My real user id is $< but my effective user id is $>\n"; exit(0); % ./testsetuid.pl Can't do setuid (cannot exec sperl) I am using the stock Perl that came with CentOS 4.5. The problem I

Dear All, i would like to know how to install perl with setuid emulation since the default centos 5 wont install with the setuid emulation apprecite your help regards simon -- Network ADMIN: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I trying to create an automated backup from one machine to the other via SSH. I have setup ssh keys and so on, so everything is pretty much working. The only thing is, I am trying to perserve file ownership. I don't want to use ssh keys w/o a password (for obvious reasons), so I what I did was this: I setup a chrooted account called

version: rsync v2.6.1 (+ a minor, unrelated patch). I'm rsyncing files (not as root) and am happy (indeed, for what I want, delighted) that the files at the target side end up owned by the account doing the rsync. However, I've found that if I have a setuid/setgid file on the source side, the target file ends up setuid/setgid too (but under a different id!). This happens whether

I?m trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user: > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with euid=501(adminuser): Operation not permitted (This binary should probably be called with process user set to 512(myuser) instead of

Everyone, I am working on a Centos 5.9 system. I have an need to be able to activate a piece of software from /etc/smrsh that is activated when sendmail delivers the e-mail to this piece of software. I would like this piece of software to take on the user and group identities that are different than 'mail' which is what happens now. I want to use a user and group that is not root), so