[Gambas-user] Gambas app run as root
Jussi Lahtinen
jussi.lahtinen at ...626...
Tue Oct 5 20:59:12 CEST 2010
OK.
1. su doesn't work with Ubuntu because root account is disabled by default!
2. "sudo -k" doesn't seem to be able kill timestamp correctly.
So, when I open new terminal and try to get root without password, it
doesn't work.
3 This program actually works IF it is run under gdb or valgrind!!?
Jussi
On Tue, Oct 5, 2010 at 20:34, Jussi Lahtinen <jussi.lahtinen at ...626...>wrote:
> I recompiled Gambas2 and it still doesn't work.
>
> So, I run this project with gdb and I find something very worrying.
> I edited that project so that line;
>
> *hProcess = SHELL "su -c 'ls /root'" FOR INPUT OUTPUT*
> is now:
> *hProcess = SHELL "sudo whoami" FOR INPUT OUTPUT*
>
> ~/Desktop/su$ gbc2 -agpmt
> ~/Desktop/su$ sudo -k
> ~/Desktop/su$ gdb gbx2
> GNU gdb (GDB) 7.1-ubuntu
> Copyright (C) 2010 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <
> http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>...
> Reading symbols from /usr/local/bin/gbx2...done.
> (gdb) set args -p
> (gdb) run
> Starting program: /usr/local/bin/gbx2 -p
> [Thread debugging using libthread_db enabled]
> *root*
> FMain.Button1_Click.20: #42: System error. Bad file descriptor
> 0: FMain.Button1_Click.20
> Mutex destroy failure: Device or resource busy
>
> Program exited with code 01.
> (gdb)
>
>
> So this is nice way to get root without password!!!
>
> Jussi
>
>
>
> 2010/10/5 Benoît Minisini <gambas at ...1...>
>
> > OK, here it is.
>> >
>> > Jussi
>> >
>> >
>>
>> Well, your little example works as expected there (Mandriva 2010.1 /
>> x86-64).
>>
>> On Gambas 3, it works if you add 'As "Process"' after the SHELL
>> instruction
>> and replace LINE INPUT by the READ instruction.
>>
>> Note that you should use EXEC instead of SHELL. Not important, but with
>> SHELL,
>> you add an intermediate "sh" process that is useless.
>>
>> Regards,
>>
>> --
>> Benoît Minisini
>>
>>
>> ------------------------------------------------------------------------------
>> Virtualization is moving to the mainstream and overtaking non-virtualized
>> environment for deploying applications. Does it make network security
>> easier or more difficult to achieve? Read this whitepaper to separate the
>> two and get a better understanding.
>> http://p.sf.net/sfu/hp-phase2-d2d
>> _______________________________________________
>> Gambas-user mailing list
>> Gambas-user at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/gambas-user
>>
>
>
More information about the User
mailing list