1 |
On Sun, Oct 05, 2008 at 08:54:25PM +0200, Jil Larner wrote: |
2 |
> You may wish to specify the --user parameter. As this tool is for system |
3 |
> daemons (therefore located in /sbin), it seems obvious it starts daemons |
4 |
> as root by default. I checked on my system and I don't have a setuid bit |
5 |
> on this program, no more it starts any program when my wheel user |
6 |
> executes the command. I've no error code, but no process is spawned. |
7 |
|
8 |
It doesn't run the command as root but as normal user (it isn't setuid |
9 |
either. All it does is setting the *variables* $USER and $HOME to the |
10 |
wrong values. |
11 |
|
12 |
> If your non root user escalates privileges and is able to spawn a root |
13 |
> process, *and* there is no setuid bit on /sbin/start-stop-daemon, you |
14 |
> may fill a bug, if you have a procedure to reproduce it ;) Honestly, as |
15 |
> it is a quite old debian tool, I don't think it's buggy ;) |
16 |
|
17 |
This implementation is not by Debian: |
18 |
|
19 |
> This is a complete re-implementation with the process finding code in |
20 |
> the OpenRC library (librc, -lrc) so other programs can make use of it. |
21 |
|
22 |
-Erik |
23 |
|
24 |
-- |
25 |
hackerkey://v4sw5hw2ln3pr5ck0ma2u7LwXm4l7Gi2e2t4b7Ken4/7a16s0r1p-5.62/-6.56g5OR |