[Bug 822210] Re: Error message due to nested setuids

Marc Deslauriers marc.deslauriers at canonical.com
Mon Aug 8 14:50:59 UTC 2011 

** Visibility changed to: Public

** This bug is no longer flagged as a security vulnerability

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/822210

Title:
  Error message due to nested setuids

Status in “shadow” package in Ubuntu:
  New

Bug description:
  Hi,

  when running a simple command like

     su -s /bin/sh -c "/bin/date" www-data

  I get an error message like

    pam_mount(spawn.c:128): error setting uid to 0

  (I am just trying to figure out why /etc/cron.daily/lighttpd issues
  such error message every day...)

  It seems as if all this pam stuff is meanwhile that nested and felted,
  that it fails to perform basic functionalities.

  
  Furthermore, it might be dangerous to treat /var/www (which is the home directory of www-data) as a regular home directory, since - depending on your local configuration - the directory might be writable from outside, e.g. when using a web server as a writable server for streaming and other things with webdav. Once someone is able to write e.g. a  .login or .profile into /var/www , running cronjobs with su www-data (like in /etc/cron.daily/lighttpd) might automatically execute commands written to the web server from outside, or perform other unintended functions through all that big pam pipeline.

  Not a good idea...

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: login 1:4.1.4.2+svn3283-3ubuntu1
  ProcVersionSignature: Ubuntu 2.6.38-11.48-generic 2.6.38.8
  Uname: Linux 2.6.38-11-generic x86_64
  Architecture: amd64
  Date: Sun Aug  7 11:21:49 2011
  InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100427.1)
  ProcEnviron:
   LANGUAGE=en_US:en
   PATH=(custom, user)
   LANG=en_US.UTF-8
   SHELL=/bin/tcsh
  SourcePackage: shadow
  UpgradeStatus: Upgraded to natty on 2011-07-29 (9 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/822210/+subscriptions

More information about the foundations-bugs mailing list