[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cvs 1.11.2 and pserver on Linux
From: |
Larry Jones |
Subject: |
Re: cvs 1.11.2 and pserver on Linux |
Date: |
Wed, 8 May 2002 10:56:08 -0400 (EDT) |
Zanabria, Moises writes:
>
> yep, I've compiled with SETXID_SUPPORT, I've modified main.c running it
> setuid, I just added line to main.c near the beginning:
>
> setuid(geteuid());
>
> like FAQ file it recommends.
Huh? The FAQ says that might help you run setuid (not setgid), but
discourages it. SETXID_SUPPORT is intended to help you run setgid. For
setgid, the FAQ says to add:
setgid(getegid());
near the front of main, but that advice predates SETXID_SUPPORT -- if
you're compiling with SETXID_SUPPORT you *don't* want to add that line.
> here is my cvs binary permissions:
> -rwxr-sr-x 1 root p3cvsg 1557704 May 6 15:49 /usr/bin/cvs
OK, so CVS is setgid to p3cvsg. The SETXID_SUPPORT code is only
effective if it can tell that CVS is setgid, which it does by comparing
the real and effective group IDs. That means that you must configure
[x]inetd to run CVS as some group other than p3cvsg for it to work
correctly.
-Larry Jones
How am I supposed to learn surgery if I can't dissect anything? -- Calvin
- cvs 1.11.2 and pserver on Linux, Zanabria, Moises, 2002/05/07
- Re: cvs 1.11.2 and pserver on Linux, Aaron Kynaston, 2002/05/07
- RE: cvs 1.11.2 and pserver on Linux, Zanabria, Moises, 2002/05/07
- Re: cvs 1.11.2 and pserver on Linux,
Larry Jones <=
- RE: cvs 1.11.2 and pserver on Linux, Aaron Kynaston, 2002/05/07
- RE: cvs 1.11.2 and pserver on Linux, Zanabria, Moises, 2002/05/08
- RE: cvs 1.11.2 and pserver on Linux, Zanabria, Moises, 2002/05/08
- RE: cvs 1.11.2 and pserver on Linux, Zanabria, Moises, 2002/05/09