Return to BSD News archive
Received: by minnie.vk1xwt.ampr.org with NNTP id AA1677 ; Tue, 23 Feb 93 14:53:09 EST Newsgroups: comp.unix.bsd,comp.os.386bsd.bugs Path: sserve!manuel.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!sun-barr!cs.utexas.edu!uwm.edu!rpi!ghost.dsi.unimi.it!serini From: serini@ghost.dsi.unimi.it (Piero Serini) Subject: id(1) bugs and new source Organization: Computer Science Dep. - Milan University Date: Fri, 19 Feb 1993 13:54:50 GMT Message-ID: <1993Feb19.135450.3052@ghost.dsi.unimi.it> Summary: new id.c Lines: 374 Hi. I found that id(1) doesn't handle properly the "gid" and "groups" entries: 1) "normal" id: $ id uid=100(piero) gid=20(staff) groups=5(opr), 20(staff) redundant ^^^^^^^^ 2) id [user] doesn't work: it uses the uid to seek for group name: $ id giulia uid=500(giulia) gid=100 In /etc/group gid 100 = users, but id looks for 500 and doesn't find it. Another test: $ id piero (myself) uid=100(piero) gid=20(users) groups=5(opr) As you can see in the example at 1), gid 20 = staff, but id looks for 100 which is = users 3) after a setuid() AND a setgid(), "groups" is a mix between the original groups and the new ones. Here follows an id from a "super-shell": uid=0(root) gid=0(root) groups=0(root), 5(opr), 20(staff) uid and gid are right; groups: 0(root) is redundant (root has gid 0 = root) 5(opr) is wrong (piero is in group 5, not root) 20(staff) is right, but we can't tell: both piero and root are in group 20. The new id.c source follows. Bye all -- ------------------------------------------ Piero Serini ------------ Via Giambologna, 1 E-mail: piero@strider.st.dsi.unimi.it 20136 - Milano - ITALY or: serini@ghost.dsi.unimi.it -------- PUBLIC KEY AVAILABLE VIA finger(1) or mail request -------- /*- * Copyright (c) 1991 The Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint char copyright[] = "@(#) Copyright (c) 1991 The Regents of the University of California.\n\ All rights reserved.\n"; #endif /* not lint */ #ifndef lint static char sccsid[] = "@(#)id.c 5.1 (Berkeley) 6/29/91"; #endif /* not lint */ #include <sys/param.h> #include <pwd.h> #include <grp.h> #include <errno.h> #include <unistd.h> #include <stdlib.h> #include <stdio.h> #include <string.h> typedef struct passwd PW; typedef struct group GR; void err __P((const char *, ...)); int gcmp __P((const void *, const void *)); void sgroup __P((PW *)); void ugroup __P((PW *)); void usage __P((void)); void user __P((PW *)); PW *who __P((char *)); int Gflag, gflag, nflag, rflag, uflag; main(argc, argv) int argc; char *argv[]; { GR *gr; PW *pw; int ch, id; while ((ch = getopt(argc, argv, "Ggnru")) != EOF) switch(ch) { case 'G': Gflag = 1; break; case 'g': gflag = 1; break; case 'n': nflag = 1; break; case 'r': rflag = 1; break; case 'u': uflag = 1; break; case '?': default: usage(); } argc -= optind; argv += optind; pw = *argv ? who(*argv) : NULL; if (Gflag + gflag + uflag > 1) usage(); if (Gflag) { if (nflag) sgroup(pw); else ugroup(pw); exit(0); } if (gflag) { id = pw ? pw->pw_gid : rflag ? getgid() : getegid(); if (nflag && (gr = getgrgid(id))) { (void)printf("%s\n", gr->gr_name); exit(0); } (void)printf("%u\n", id); exit(0); } if (uflag) { id = pw ? pw->pw_uid : rflag ? getuid() : geteuid(); if (nflag && (pw = getpwuid(id))) { (void)printf("%s\n", pw->pw_name); exit(0); } (void)printf("%u\n", id); exit(0); } if (!pw) pw = getpwuid(getuid()); user(pw); exit(0); } void sgroup(pw) PW *pw; { register int id, lastid; char *fmt; if (pw) { register GR *gr; register char *name, **p; name = pw->pw_name; for (fmt = "%s", lastid = -1; gr = getgrent(); lastid = id) { for (p = gr->gr_mem; p && *p; p++) if (!strcmp(*p, name)) { (void)printf(fmt, gr->gr_name); fmt = " %s"; break; } } } else { GR *gr; register int ngroups; int groups[NGROUPS + 1]; groups[0] = getgid(); ngroups = getgroups(NGROUPS, groups + 1) + 1; heapsort(groups, ngroups, sizeof(groups[0]), gcmp); for (fmt = "%s", lastid = -1; --ngroups >= 0;) { if (lastid == (id = groups[ngroups])) continue; if (gr = getgrgid(id)) (void)printf(fmt, gr->gr_name); else (void)printf(*fmt == ' ' ? " %u" : "%u", id); fmt = " %s"; lastid = id; } } (void)printf("\n"); } void ugroup(pw) PW *pw; { register int id, lastid; register char *fmt; if (pw) { register GR *gr; register char *name, **p; name = pw->pw_name; for (fmt = "%u", lastid = -1; gr = getgrent(); lastid = id) { for (p = gr->gr_mem; p && *p; p++) if (!strcmp(*p, name)) { (void)printf(fmt, gr->gr_gid); fmt = " %u"; break; } } } else { register int ngroups; int groups[NGROUPS + 1]; groups[0] = getgid(); ngroups = getgroups(NGROUPS, groups + 1) + 1; heapsort(groups, ngroups, sizeof(groups[0]), gcmp); for (fmt = "%u", lastid = -1; --ngroups >= 0;) { if (lastid == (id = groups[ngroups])) continue; (void)printf(fmt, id); fmt = " %u"; lastid = id; } } (void)printf("\n"); } void user(pw) register PW *pw; { register GR *gr; register int id, lastid; int eid, gid, egid; register char *fmt, **p; id = pw->pw_uid; gid = pw->pw_gid; (void)printf("uid=%u(%s)", id, pw->pw_name); if (id == getuid()) if ((eid = geteuid()) != id) { (void)printf(" euid=%u", eid); if (pw = getpwuid(eid)) (void)printf("(%s)", pw->pw_name); } /* endif id == getuid() */ (void)printf(" gid=%u", gid); if (gr = getgrgid(gid)) (void)printf("(%s)", gr->gr_name); if (id == getuid()) if ((egid = getegid()) != gid) { (void)printf(" egid=%u", egid); if (gr = getgrgid(egid)) (void)printf("(%s)", gr->gr_name); } /* endif id == getuid() */ /* now pw points to Euid, so we must reset it */ pw = getpwuid(id); for (fmt = " groups=%u(%s)", lastid = -1; gr = getgrent(); lastid = id) { if (pw->pw_gid == gr->gr_gid) continue; for (p = gr->gr_mem; p && *p; p++) if (!strcmp(*p, pw->pw_name)) { (void)printf(fmt, gr->gr_gid, gr->gr_name); fmt = ", %u(%s)"; break; } } (void)printf("\n"); } PW * who(u) char *u; { PW *pw; long id; char *ep; /* * Translate user argument into a pw pointer. First, try to * get it as specified. If that fails, try it as a number. */ if (pw = getpwnam(u)) return(pw); id = strtol(u, &ep, 10); if (*u && !*ep && (pw = getpwuid(id))) return(pw); err("%s: No such user", u); /* NOTREACHED */ } gcmp(a, b) const void *a, *b; { return(*(int *)b - *(int *)a); } #if __STDC__ #include <stdarg.h> #else #include <varargs.h> #endif void #if __STDC__ err(const char *fmt, ...) #else err(fmt, va_alist) char *fmt; va_dcl #endif { va_list ap; #if __STDC__ va_start(ap, fmt); #else va_start(ap); #endif (void)fprintf(stderr, "id: "); (void)vfprintf(stderr, fmt, ap); va_end(ap); (void)fprintf(stderr, "\n"); exit(1); /* NOTREACHED */ } void usage() { (void)fprintf(stderr, "usage: id [user]\n"); (void)fprintf(stderr, " id -G [-n] [user]\n"); (void)fprintf(stderr, " id -g [-nr] [user]\n"); (void)fprintf(stderr, " id -u [-nr] [user]\n"); exit(1); }