View Issue Details

IDProjectCategoryView StatusLast Update
0004152unrealircdpublic2012-12-26 15:54
ReporterasmadeusAssigned Tosyzop 
PrioritynormalSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
PlatformLinuxOSAnyOS VersionAny
Product Version3.2.10 
Target VersionFixed in Version3.2.10 
Summary0004152: ircd.log is created with unusable permissions (user) if unrealircd does a seteuid
Descriptionunreal used with IRC_USER and IRC_GROUP (i.e. to have it setuid/setgid) will first log something before changing user, thus creating ircd.log as root if it doesn't exist.
After changing user it tries to open the log again and fails (it's opened/closed everytime someone calls ircd_log)

Steps To ReproduceCompile unreal with IRC_USER and IRC_GROUP set then:
rm ircd.log
./unreal start as root

(I need to run it as root and let it change user for chroot)
Additional InformationHappened on earlier versions, but there's a new check in ircd_log(), src/s_extra.c that makes unreal exit if it fails during startup

Possible solutions:
 - not use ircd_log before setuid? *cough*
 - open the log file once and for all, not everytime there's a message to log?
 - chown the file before doing the setuid? Or eventually after it got created?
TagsNo tags attached.
3rd party modules

Activities

syzop

2012-12-26 15:53

administrator   ~0017278

chown() might be a good idea. After all, the ircd may hit (size) limits as defined in the log block and the log file may have to be 'restarted'.. all when running under the low-privileged user.

I've fixed this in 3.2.10 and updated the download.
Tested it locally and where - indeed - the ircd didn't start before this fix, it does now work OK.

So.. issue resolved ;)

Issue History

Date Modified Username Field Change
2012-12-26 14:39 asmadeus New Issue
2012-12-26 15:53 syzop Note Added: 0017278
2012-12-26 15:53 syzop Status new => resolved
2012-12-26 15:53 syzop Fixed in Version => 3.2.10
2012-12-26 15:53 syzop Resolution open => fixed
2012-12-26 15:53 syzop Assigned To => syzop