Moving project to sourceforge.

git-svn-id: https://dist.svn.sourceforge.net/svnroot/dist/trunk/dist@1 190e5f8e-a817-0410-acf6-e9863daed9af

1 files changed, 169 insertions, 0 deletions

diff --git a/mcon/U/d_dosuid.U b/mcon/U/d_dosuid.U
new file mode 100644
index 0000000..a584e1a
--- /dev/null
+++ b/mcon/U/d_dosuid.U
@@ -0,0 +1,169 @@
+?RCS: $Id$
+?RCS:
+?RCS: Copyright (c) 1991-1997, 2004-2006, Raphael Manfredi
+?RCS: 
+?RCS: You may redistribute only under the terms of the Artistic Licence,
+?RCS: as specified in the README file that comes with the distribution.
+?RCS: You may reuse parts of this distribution only within the terms of
+?RCS: that same Artistic Licence; a copy of which may be found at the root
+?RCS: of the source tree for dist 4.0.
+?RCS: 
+?RCS: Tye McQueen <tye@metronet.com> added safe setuid script checks.
+?RCS:
+?RCS: $Log: d_dosuid.U,v $
+?RCS: Revision 3.0.1.2  1997/02/28  15:33:03  ram
+?RCS: patch61: moved unit to TOP via a ?Y: layout directive
+?RCS: patch61: tell them /dev/fd is not about floppy disks
+?RCS:
+?RCS: Revision 3.0.1.1  1994/10/29  16:12:08  ram
+?RCS: patch36: added checks for secure setuid scripts (Tye McQueen)
+?RCS:
+?RCS: Revision 3.0  1993/08/18  12:05:55  ram
+?RCS: Baseline for dist 3.0 netwide release.
+?RCS:
+?MAKE:d_dosuid d_suidsafe: cat contains ls rm test Myread Setvar \
+	Oldconfig Guess package hint
+?MAKE:	-pick add $@ %<
+?S:d_suidsafe:
+?S:	This variable conditionally defines SETUID_SCRIPTS_ARE_SECURE_NOW
+?S:	if setuid scripts can be secure.  This test looks in /dev/fd/.
+?S:.
+?S:d_dosuid:
+?S:	This variable conditionally defines the symbol DOSUID, which
+?S:	tells the C program that it should insert setuid emulation code
+?S:	on hosts which have setuid #! scripts disabled.
+?S:.
+?C:SETUID_SCRIPTS_ARE_SECURE_NOW:
+?C:	This symbol, if defined, indicates that the bug that prevents
+?C:	setuid scripts from being secure is not present in this kernel.
+?C:.
+?C:DOSUID:
+?C:	This symbol, if defined, indicates that the C program should
+?C:	check the script that it is executing for setuid/setgid bits, and
+?C:	attempt to emulate setuid/setgid on systems that have disabled
+?C:	setuid #! scripts because the kernel can't do it securely.
+?C:	It is up to the package designer to make sure that this emulation
+?C:	is done securely.  Among other things, it should do an fstat on
+?C:	the script it just opened to make sure it really is a setuid/setgid
+?C:	script, it should make sure the arguments passed correspond exactly
+?C:	to the argument on the #! line, and it should not trust any
+?C:	subprocesses to which it must pass the filename rather than the
+?C:	file descriptor of the script to be executed.
+?C:.
+?H:#$d_suidsafe SETUID_SCRIPTS_ARE_SECURE_NOW	/**/
+?H:#$d_dosuid DOSUID		/**/
+?H:.
+?Y:TOP
+?F:!reflect
+?LINT: set d_suidsafe
+?LINT: set d_dosuid
+: see if setuid scripts can be secure
+$cat <<EOM
+
+Some kernels have a bug that prevents setuid #! scripts from being
+secure.  Some sites have disabled setuid #! scripts because of this.
+
+First let's decide if your kernel supports secure setuid #! scripts.
+(If setuid #! scripts would be secure but have been disabled anyway,
+don't say that they are secure if asked.)
+
+EOM
+
+val="$undef"
+if $test -d /dev/fd; then
+	echo "#!$ls" >reflect
+	chmod +x,u+s reflect
+	./reflect >flect 2>&1
+	if $contains "/dev/fd" flect >/dev/null; then
+		echo "Congratulations, your kernel has secure setuid scripts!" >&4
+		val="$define"
+	else
+		$cat <<EOM
+If you are not sure if they are secure, I can check but I'll need a
+username and password different from the one you are using right now.
+If you don't have such a username or don't want me to test, simply
+enter 'none'.
+
+EOM
+		rp='Other username to test security of setuid scripts with?'
+		dflt='none'
+		. ./myread
+		case "$ans" in
+		n|none)
+			case "$d_suidsafe" in
+			'')	echo "I'll assume setuid scripts are *not* secure." >&4
+				dflt=n;;
+			"$undef")
+				echo "Well, the $hint value is *not* secure." >&4
+				dflt=n;;
+			*)	echo "Well, the $hint value *is* secure." >&4
+				dflt=y;;
+			esac
+			;;
+		*)
+			$rm -f reflect flect
+			echo "#!$ls" >reflect
+			chmod +x,u+s reflect
+			echo >flect
+			chmod a+w flect
+			echo '"su" will (probably) prompt you for '"$ans's password."
+			su $ans -c './reflect >flect'
+			if $contains "/dev/fd" flect >/dev/null; then
+				echo "Okay, it looks like setuid scripts are secure." >&4
+				dflt=y
+			else
+				echo "I don't think setuid scripts are secure." >&4
+				dflt=n
+			fi
+			;;
+		esac
+		rp='Does your kernel have *secure* setuid scripts?'
+		. ./myread
+		case "$ans" in
+		[yY]*)	val="$define";;
+		*)	val="$undef";;
+		esac
+	fi
+else
+	echo "I don't think setuid scripts are secure (no /dev/fd directory)." >&4
+	echo "(That's for file descriptors, not floppy disks.)"
+	val="$undef"
+fi
+set d_suidsafe
+eval $setvar
+
+$rm -f reflect flect
+
+: now see if they want to do setuid emulation
+echo " "
+val="$undef"
+case "$d_suidsafe" in
+"$define")
+	val="$undef"
+	echo "No need to emulate SUID scripts since they are secure here." >& 4
+	;;
+*)
+	$cat <<EOM
+Some systems have disabled setuid scripts, especially systems where
+setuid scripts cannot be secure.  On systems where setuid scripts have
+been disabled, the setuid/setgid bits on scripts are currently
+useless.  It is possible for $package to detect those bits and emulate
+setuid/setgid in a secure fashion.  This emulation will only work if
+setuid scripts have been disabled in your kernel.
+
+EOM
+	case "$d_dosuid" in
+	"$define") dflt=y ;;
+	*) dflt=n ;;
+	esac
+	rp="Do you want to do setuid/setgid emulation?"
+	. ./myread
+	case "$ans" in
+	[yY]*)	val="$define";;
+	*)	val="$undef";;
+	esac
+	;;
+esac
+set d_dosuid
+eval $setvar
+