pkgsrc-Users archive
Re: About a rc.d script and "--user ${puser}"
OK, here are the full description and the how-to-repeat section:
Problem
--------------------------------------------------------------
Privoxy seems to run as root:wheel instead of privoxy:privoxy and may
allow everybody to edit all chmod=X6X chown=root:wheel files through its
administration interface - depending on the privoxy configuration.
How to repeat:
--------------------------------------------------------------
1- #cd /usr/pkgsrc/www/privoxy && make install
2- #cd /usr/pkg/etc/privoxy && chown root:wheel * && chmod 661 *
3- #vi /usr/pkg/etc/privoxy/config
< enable-edit-actions 1
---
> enable-edit-actions 0
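Review bot: the direction of this diff reads as 1 -> 0 (the `<` line is the old file, the `>` line the new one), i.e. it turns enable-edit-actions off, while step 7 and the problem statement need the action-file editor enabled; please confirm which side is the edited config, since the editor only appears with `enable-edit-actions 1`.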
4- #cp /usr/pkg/share/examples/rc.d/privoxy /etc/rc.d/privoxy
5- #/etc/rc.d/privoxy onestart
6- Now, please open up a browser and adjust its settings so that it uses
port 8118 as proxy. Type 'p.p'. This will show your local privoxy
administration page; go through 'View & change the current
configuration' and click the EDIT button.
7- Notice that all rules are editable - really.
Extra information:
--------------------------------------------------------------
localhost# /etc/rc.d/privoxy onestart
Starting privoxy.
localhost# id privoxy
uid=1004(privoxy) gid=1002(privoxy) groups=1002(privoxy)
localhost# ps ax -o uid,gid,command|grep privoxy
1004 1002 /usr/pkg/sbin/privoxy --pidfile /var/run/privoxy.pid --user privoxy /usr/pkg/etc/privoxy/config
0 0 grep privoxy
localhost# ls -al /usr/pkg/etc/privoxy
total 156
drwxr-xr-x 2 root wheel 512 Feb 3 02:12 .
drwxr-xr-x 24 root wheel 1024 Feb 3 01:40 ..
-rw-rw-r-- 1 root wheel 40653 Feb 3 02:13 config
-rw-rw-r-- 1 root wheel 45145 Feb 3 02:15 default.action
-rw-rw-r-- 1 root wheel 52569 Feb 3 02:12 default.filter
-rw-rw-r-- 1 root wheel 2715 Feb 3 02:12 standard.action
lrwxr-xr-x 1 root wheel 41 Feb 3 02:12 templates -> /usr/pkg/share/examples/privoxy/templates
-rw-rw-r-- 1 root wheel 3761 Feb 3 02:12 trust
-rw-rw-r-- 1 root wheel 5375 Feb 3 02:14 user.action
localhost#
Regards,
Cem
Matthias Scheler, 02/03/09 10:12:
On Tue, Feb 03, 2009 at 01:29:24AM +0200, Cem Kayali wrote:
> I have used the patch, and checked the rc.d script before testing, re-tested
> again. The result is the same.
> This issue is quite strange. *Forgive me if I'm doing something wrong*
> but this looks like a security problem because any user having access to the
> privoxy administration page with "edit-actions-enable" enabled in the
> privoxy configuration has potential write access to all root:wheel
> files having chmod X6X permissions, especially to the /usr/pkg/etc/privoxy/*
> ones - tested.
I'm sorry but your e-mail was filtered out by the NetBSD mailing list
software ...
> A screenshot attached.
... because of its excessive size.
Could you please upload the screenshot somewhere and re-send your
e-mail with a URL instead of an attached image?
Thanks in advance
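The question the thread turns on is which of the files in the `ls -al` listing a process with the credentials shown by `ps` could open for writing: root bypasses the mode bits entirely, anyone else needs the `w` bit in the owner, group or other triplet that applies to their uid and gids. The following is an added Python example, not code from this report or from privoxy/pkgsrc. It parses the listing quoted above, takes the uid/gid numbers from the `id privoxy` and `ps` output quoted above, assumes `wheel` is gid 0 (the BSD default), and adds one constructed listing line (a file group-owned by `privoxy`) to show the case where the group bit does grant write access.

```python
import stat
from dataclasses import dataclass
from typing import List

# `ls -al /usr/pkg/etc/privoxy` listing as quoted in the report above.
LS_OUTPUT = """\
total 156
drwxr-xr-x 2 root wheel 512 Feb 3 02:12 .
drwxr-xr-x 24 root wheel 1024 Feb 3 01:40 ..
-rw-rw-r-- 1 root wheel 40653 Feb 3 02:13 config
-rw-rw-r-- 1 root wheel 45145 Feb 3 02:15 default.action
-rw-rw-r-- 1 root wheel 52569 Feb 3 02:12 default.filter
-rw-rw-r-- 1 root wheel 2715 Feb 3 02:12 standard.action
lrwxr-xr-x 1 root wheel 41 Feb 3 02:12 templates -> /usr/pkg/share/examples/privoxy/templates
-rw-rw-r-- 1 root wheel 3761 Feb 3 02:12 trust
-rw-rw-r-- 1 root wheel 5375 Feb 3 02:14 user.action
"""

# Constructed line (not from the report): same file, but group-owned by privoxy.
CHOWNED_LINE = "-rw-rw-r-- 1 root privoxy 5375 Feb 3 02:14 user.action\n"

# Name-to-id maps. root=0 and privoxy=1004/1002 come from the report;
# wheel=0 is the BSD default and is an assumption here.
UIDS = {"root": 0, "privoxy": 1004}
GIDS = {"wheel": 0, "privoxy": 1002}


@dataclass(frozen=True)
class Creds:
    """Credentials of the writing process, as shown by `ps -o uid,gid` and id(1)."""
    uid: int
    gid: int
    groups: frozenset = frozenset()   # supplementary gids


@dataclass(frozen=True)
class Entry:
    name: str
    kind: str        # first char of the ls mode field: '-', 'd', 'l', ...
    uid: int
    gid: int
    mode: int        # permission bits only, e.g. 0o664


# The daemon as ps/id show it in the report, and the root it was feared to run as.
PRIVOXY = Creds(uid=1004, gid=1002, groups=frozenset({1002}))
ROOT = Creds(uid=0, gid=0, groups=frozenset({0}))


def mode_bits(perm: str) -> int:
    """Convert the nine-character rwx string of `ls -l` into permission bits."""
    if len(perm) != 9:
        raise ValueError("expected rwxrwxrwx, got %r" % perm)
    bits = 0
    for i, ch in enumerate(perm):
        shift = 6 - 3 * (i // 3)          # owner, group, other triplets
        if ch == "r":
            bits |= 4 << shift
        elif ch == "w":
            bits |= 2 << shift
        elif ch in "xst":                 # execute, possibly plus setuid/setgid/sticky
            bits |= 1 << shift
        elif ch not in "-ST":             # S/T: setid/sticky without execute
            raise ValueError("bad permission char %r in %r" % (ch, perm))
    return bits


def parse_ls(listing: str) -> List[Entry]:
    """Parse `ls -l` style lines; the 'total' line and blanks are skipped."""
    entries = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 9 or len(fields[0]) < 10:
            continue
        mode_field, owner, group, name = fields[0], fields[2], fields[3], fields[8]
        entries.append(Entry(name=name, kind=mode_field[0],
                             uid=UIDS[owner], gid=GIDS[group],
                             mode=mode_bits(mode_field[1:10])))
    return entries


def can_write(creds: Creds, e: Entry) -> bool:
    """Classic Unix discretionary access check for a regular file.

    File flags (chflags/securelevel) and ACLs are ignored. Directories and
    symlinks report False: for them what matters is the target or the
    entries inside, not the mode bits of this inode.
    """
    if e.kind != "-":
        return False
    if creds.uid == 0:
        return True                       # root bypasses the mode bits
    if creds.uid == e.uid:
        return bool(e.mode & stat.S_IWUSR)
    if e.gid == creds.gid or e.gid in creds.groups:
        return bool(e.mode & stat.S_IWGRP)
    return bool(e.mode & stat.S_IWOTH)


def writable_paths(creds: Creds, listing: str) -> List[str]:
    """Names in the listing that the given credentials could open for writing."""
    return [e.name for e in parse_ls(listing) if can_write(creds, e)]


if __name__ == "__main__":
    for label, creds in (("privoxy:privoxy", PRIVOXY), ("root:wheel", ROOT)):
        print("%-16s can write: %s" % (label, writable_paths(creds, LS_OUTPUT) or "nothing"))
    print("privoxy:privoxy  can write (chowned line): %s" % writable_paths(PRIVOXY, CHOWNED_LINE))
```

Run against the listing as quoted, the `1004:1002` credentials get no write access to any of the six `root:wheel` files, while uid 0 gets all of them; the constructed `root:privoxy` line shows the group bit opening the file up. On a live system the same check is the `ps -o uid,gid,command` plus `ls -al` pair already shown in the report, with the `--user` line in the rc.d script being what decides which of the two rows applies.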