[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fakeroot inquiry

From: Roland McGrath
Subject: Re: fakeroot inquiry
Date: Fri, 3 May 2002 19:13:37 -0400 (EDT)

I've whipped up a new program called `fakeauth', in utils/fakeauth.c
(and with some nontrivial makefile rules to build everything it needs).
Again, this compiles but is wholly untested.

The idea here is that you run "fakeauth command ...", and it runs "command"
with a bogus auth port that claims to be root.  How this works is that
fakeauth acts as a proxy auth server.  The child process is run with a new
auth port that is maintained by fakeauth.  When fakeauth gets auth
handshake RPCs on this port, it just passes them along to the real auth
port that fakeauth started with.  That means that to all other processes in
the system the fakeauth child acts just like a normal process authenticated
as the user who ran fakeauth.  However, auth_getids and auth_makeauth calls
made on the fake auth handle do not go through to the real auth server.
Instead, fakeauth provides a private fantasy universe of uids and gids
where it behaves as the real auth server would if your original handle had
the root IDs.  That is, auth_getids on the initial handle reports real and
effective uid and gid of 0.  auth_makeauth on that lets you create new
handles with any IDs you like, just like root can with the real auth
server.  As with real auth handles, these new handles then return for
getids the IDs you chose in makeauth, and makeauth calls on a new handle is
constrained to select IDs permitted by that (fake) handle.  

Note that this will give programs the impression that setuid et al work
normally to constrain permissions, but in actuality all authentications
with the rest of the system will use the fakeauth process's original auth
handle with its original IDs.  So, for example, running "su joebob" under
fakeauth would succeed and whoami will report "joebob", but anything done
with the supposed "joebob" identity will actually happen with your original
identity and full privileges (i.e. anything the process that ran fakeauth
could do).

reply via email to

[Prev in Thread] Current Thread [Next in Thread]