Why only application with root priveleges can attach global name by
name_attach()?
In QNX4 every not-root process can qnx_name_attach() “/global_name” in the
QNet.
Why only application with root priveleges can attach global name by
name_attach()?
In QNX4 every not-root process can qnx_name_attach() “/global_name” in the
QNet.
“Leonid Khait” <lhait@diaspro.com> wrote in message
news:ccon3n$l6p$1@inn.qnx.com…
Why only application with root priveleges can attach global name by
name_attach()?
Yes
In QNX4 every not-root process can qnx_name_attach() “/global_name” in the
QNet.
So?
Mario Charest <nowheretobefound@8thdimension.com> ÐÉÛÅÔ ×
ÓÏÏÂÝÅÎÉÉ:ccp2r9$so9$1@inn.qnx.com…
“Leonid Khait” <> lhait@diaspro.com> > wrote in message
news:ccon3n$l6p$> 1@inn.qnx.com> …
Why only application with root priveleges can attach global name by
name_attach()?Yes
In QNX4 every not-root process can qnx_name_attach() “/global_name” in
the
QNet.So?
The aim of this change is interesting.
Leonid Khait <lhait@diaspro.com> wrote in message
news:ccqc2c$qgk$1@inn.qnx.com…
Why only application with root priveleges can attach global name by
name_attach()?The aim of this change is interesting.
The concern is, if anybody can attach to a global name, then anyone on the
network
could “hijack” a real services.
-xtang
Xiaodan Tang <xtang@qnx.com> ÐÉÛÅÔ × ÓÏÏÂÝÅÎÉÉ:ccu2qn$lmq$1@inn.qnx.com…
Leonid Khait <> lhait@diaspro.com> > wrote in message
news:ccqc2c$qgk$> 1@inn.qnx.com> …
Why only application with root priveleges can attach global name by
name_attach()?The aim of this change is interesting.
The concern is, if anybody can attach to a global name, then anyone on the
network
could “hijack” a real services.-xtang
Well, but “anybody” can make “hack” programm on his own PC as superuser,
give this program root priveleges chown root program,and chmod a+s status,
start on the target plase this program as not-root and before name_attach()
change uid to root priveleges by setuid(0).
This program can attach name as global on the QNET.
“Leonid Khait” <lhait@diaspro.com> wrote in message
news:ccv9ua$k9e$1@inn.qnx.com…
Xiaodan Tang <> xtang@qnx.com> > ÐÉÛÅÔ × ÓÏÏÂÝÅÎÉÉ:ccu2qn$lmq$> 1@inn.qnx.com> …
Leonid Khait <> lhait@diaspro.com> > wrote in message
news:ccqc2c$qgk$> 1@inn.qnx.com> …
Why only application with root priveleges can attach global name by
name_attach()?The aim of this change is interesting.
The concern is, if anybody can attach to a global name, then anyone on
the
network
could “hijack” a real services.-xtang
Well, but “anybody” can make “hack” programm on his own PC as superuser,
give this program root priveleges chown root program,and chmod a+s status,
That’s the whole point, you need to be root and root is a trusted user. All
other user are not (unless root allows it)
start on the target plase this program as not-root and before
name_attach()
change uid to root priveleges by setuid(0).
This program can attach name as global on the QNET.