screen-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [screen-devel] GNU Screen v.4.2.0

From: Axel Beckert
Subject: Re: [screen-devel] GNU Screen v.4.2.0
Date: Mon, 28 Apr 2014 16:11:42 +0200
User-agent: Mutt/1.5.20 (2009-06-14) 
Hi,

On Mon, Apr 28, 2014 at 09:27:58AM +0200, Axel Beckert wrote:
> On Sun, Apr 27, 2014 at 09:58:51PM -0700, Maciej Żenczykowski wrote:
> > Curious  I just reinstalled bash on my fedora 20 x86_64 system.
> > 
> > $ uname -a
> > Linux eonwe.lan 3.13.10-200.1mz.fc20.x86_64 #1 SMP Sat Apr 26 01:19:02
> > PDT 2014 x86_64 x86_64 x86_64 GNU/Linux
> > 
> > $ ls -al /proc/$$/exe
> > lrwxrwxrwx. 1 maze maze 0 Apr 27 21:48 /proc/10848/exe ->
> > /usr/bin/bash (deleted)
> > 
> > $ /proc/$$/exe --version
> > GNU bash, version 4.2.47(1)-release (x86_64-redhat-linux-gnu)
> [...]
> > And as you can see I can still run the old marked deleted binary.
> 
> Hrm, interesting.
> 
> > Maybe the problem is zsh?
> 
> Sounds likely. Will test later. Thanks for the feedback and idea!

Nope. With bash:

1/0/0 address@hidden:pts/11 13:01:32 [~] # /proc/8052/exe -ls
bash: /proc/8052/exe: Permission denied
2/126/0 address@hidden:pts/11 13:02:00 [~] # ls -l /proc/8052/exe
lrwxrwxrwx 1 root root 0 Apr 28 04:50 /proc/8052/exe -> /usr/bin/screen 
(deleted)
3/0/0 address@hidden:pts/11 13:02:04 [~] # 

I suspect it's rather related to screen being installed setuid.

Let's test with bash as the binary which is replaced:

3/0/0 address@hidden:pts/11 13:02:04 [~] # apt-get install --reinstall bash
Reading package lists... Done
Building dependency tree       
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 1 not upgraded.
Need to get 1.138 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://debian.ethz.ch/debian/ sid/main bash i386 4.3-7 [1.138 kB]
Fetched 1.138 kB in 0s (4.597 kB/s)
(Reading database ... 554999 files and directories currently installed.)
Preparing to unpack .../archives/bash_4.3-7_i386.deb ...
Unpacking bash (4.3-7) over (4.3-7) ...
Processing triggers for menu (2.1.46) ...
Processing triggers for install-info (5.2.0.dfsg.1-2) ...
Processing triggers for man-db (2.6.7.1-1) ...
Setting up bash (4.3-7) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide 
/usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
Processing triggers for menu (2.1.46) ...
4/0/0 address@hidden:pts/11 14:23:18 [~] # ls -l /proc/$$/exe
lrwxrwxrwx 1 root root 0 Apr 28 14:21 /proc/18737/exe -> /bin/bash (deleted)
5/0/0 address@hidden:pts/11 14:23:50 [~] # !$
/proc/$$/exe
1/0/0 address@hidden:pts/11 14:23:58 [~] # exit
exit
6/0/0 address@hidden:pts/11 14:24:08 [~] # 

So it works with bash, but not screen. Which makes me even more
confident that this trick doesn't work for setuid binaries and hence
not for screen on Debian. *sigh*

                Kind regards, Axel
-- 
/~\  Plain Text Ribbon Campaign                   | Axel Beckert
\ /  Say No to HTML in E-Mail and News            | address@hidden  (Mail)
 X   See http://www.nonhtmlmail.org/campaign.html | address@hidden (Mail+Jabber)
/ \  I love long mails: http://email.is-not-s.ms/ | http://noone.org/abe/ (Web)
reply via email to
[Prev in Thread] Current Thread [Next in Thread]