templeos1337 n00b
Joined: 01 Oct 2023 Posts: 6
Posted: Wed Oct 04, 2023 6:12 pm    Post subject: Making suid binary readable
Hi everyone,
Today I ran into a small problem while I was trying to run an AppImage. The AppImage attempted to open `fusermount` with RD_ONLY, most likely to see if it exists and the user has access to it.
I, as a regular user, don't have read access to a suid binary such as `fusermount`, and thus open() returned an error, resulting in the application failing.
Now I could very easily solve this by adding read access to `fusermount`. However, I doubt that adding read access to a suid binary is good practice.
I have two questions regarding this:
* Is it normal for AppImages to attempt to open `fusermount` with RD_ONLY? Couldn't they have done this in a better way? After all, all that matters is if the user can run `fusermount`, not necessarily read it.
* What is a good way to deal with this? What I was thinking is to create a group named 'fuse', add my user to it and make the binary group-readable. However I am not sure if this will be persistent across updates.
Do you have any suggestions?
Thank you in advance.
gentoo_ram Guru
Joined: 25 Oct 2007 Posts: 513 Location: San Diego, California USA
Posted: Wed Oct 04, 2023 10:40 pm
I guess that using stat() would have been more useful than opening it to determine if the file is there. Then you're getting access to the inode and parent directory instead of the file itself. I don't know what "AppImage" is. But if you can't change it then I don't see how using stat() would help you.
Hu Administrator
Joined: 06 Mar 2007 Posts: 23076
Posted: Thu Oct 05, 2023 12:23 am
If the goal is merely an existence check, then another option would be to open with O_PATH.
Code:
$ python -c 'import os; print(os.open("/bin/su", os.O_RDONLY));'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
PermissionError: [Errno 13] Permission denied: '/bin/su'
$ python -c 'import os; print(os.open("/bin/su", os.O_PATH));'
3
$ python -c 'import os; print(os.open("/bin/s", os.O_PATH));'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
FileNotFoundError: [Errno 2] No such file or directory: '/bin/s'
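An added example (not from the thread, nor from WebCord or the AppImage runtime) that contrasts the three checks discussed above, open(O_RDONLY), open(O_PATH) and access(X_OK), on a constructed stand-in for fusermount that has execute bits but no read bits; it assumes Linux (for os.O_PATH) and notes that root bypasses the read check.

```python
import os
import stat
import tempfile


def probe_helper(path):
    """Check a helper binary three ways and report which checks pass.

    rdonly_ok: open(O_RDONLY) succeeds; needs the read bit, which a
               0711-style suid binary does not grant to other users.
    path_ok:   open(O_PATH) succeeds; existence only, no read bit needed.
    exec_ok:   access(X_OK) succeeds; the permission that actually matters.
    """
    result = {"exists": False, "rdonly_ok": False, "path_ok": False, "exec_ok": False}
    try:
        st = os.stat(path)  # stat() needs search on the directory, not read on the file
    except FileNotFoundError:
        return result
    result["exists"] = stat.S_ISREG(st.st_mode)
    result["exec_ok"] = os.access(path, os.X_OK)
    # os.O_PATH is Linux-specific (assumption: this runs on Linux).
    for key, flags in (("rdonly_ok", os.O_RDONLY), ("path_ok", os.O_PATH)):
        try:
            fd = os.open(path, flags)
        except PermissionError:
            continue  # EACCES: this check fails for the current user
        os.close(fd)
        result[key] = True
    return result


def running_as_root():
    # Root bypasses the read-bit check (CAP_DAC_OVERRIDE), so the expected
    # O_RDONLY outcome depends on who runs this.
    return os.geteuid() == 0


def demo():
    """Reproduce the thread's failure on a constructed file with mode 0111
    (execute only, no read bits): as a non-root user open(O_RDONLY) fails
    while open(O_PATH) and access(X_OK) succeed."""
    with tempfile.TemporaryDirectory() as tmp:
        fake = os.path.join(tmp, "fake-fusermount")  # constructed, not the real binary
        with open(fake, "w") as fh:
            fh.write("#!/bin/sh\nexit 0\n")
        os.chmod(fake, 0o111)
        return probe_helper(fake)
```

Run `demo()` as an unprivileged user to see `rdonly_ok` come back False while the other two checks pass, which is exactly the situation the AppImage tripped over.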
templeos1337 n00b
Joined: 01 Oct 2023 Posts: 6
Posted: Thu Oct 05, 2023 5:21 pm
gentoo_ram wrote:
I guess that using stat() would have been more useful than opening it to determine if the file is there. Then you're getting access to the inode and parent directory instead of the file itself. I don't know what "AppImage" is. But if you can't change it then I don't see how using stat() would help you.
Unfortunately, I can't really change the checking code at all unless I patch the binary. I ended up creating a separate group and giving it group-read access, as that would make more sense.
I asked mostly to see if there could have been better handling from the app's side. Also, the AppImage in question is WebCord.
templeos1337 n00b
Joined: 01 Oct 2023 Posts: 6
Posted: Thu Oct 05, 2023 5:31 pm
Hu wrote:
If the goal is merely an existence check, then another option would be to open with O_PATH.
Code:
$ python -c 'import os; print(os.open("/bin/su", os.O_RDONLY));'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
PermissionError: [Errno 13] Permission denied: '/bin/su'
$ python -c 'import os; print(os.open("/bin/su", os.O_PATH));'
3
$ python -c 'import os; print(os.open("/bin/s", os.O_PATH));'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
FileNotFoundError: [Errno 2] No such file or directory: '/bin/s'
Yeah, I think that would suffice from the app's side and probably would save me the hassle of trying to figure out why I got permission denied. Thank you.