CMSETUSER(1)
NAME
cmsetuser - a setuid root intermediary to cm programs
SYNOPSIS
cmsetuser [-v] directory cmprogram [ args ...]
DESCRIPTION
Cmsetuser is an intermediate program which may be used to
set the userid and groupid of a configuration management
program such as sccs(1). This utility is shipped in source
form and is only useful if run as suid root. Since this
program is meant to be run suid root, we have gone to heroic
lengths to ensure security. The security checks are
discussed below.
Cmsetuser will exec the specified program, cmprogram (e.g.
sccs(1)), and run it under the userid and groupid of the
owner of a control file called .ddts.cm.ctrl. Cmsetuser
will search for .ddts.cm.ctrl in the directory passed to it.
If .ddts.cm.ctrl is not found in directory, it is searched
for in each parent directory back to the root directory. If
the control file is not found, cmsetuser just runs
cmprogram with the normal user's login id.
Thus cmsetuser may be used to set the userid and groupid
under which a configuration management program will run to
the userid and groupid of the owner of the files being
managed.
If cmsetuser's effective user id is not root (0), it
immediately resets the effective userid and groupid to the
normal user's login id before executing cmprogram.
Cmsetuser performs the following actions when invoked. If
cmsetuser's effective user id IS root (0) and if a control
file can be found either in the directory argument or above
it in the directory hierarchy, and if the owner of the
control file also owns the directory, then the control file
is scanned for userids. If the user's userid is found in
the control file or the control file is empty, then the
cmprogram argument will be checked. If the cmprogram
argument is found in the program's internal list of
acceptable programs, and if cmsetuser itself is not writable
by other groups or other users, and if .ddts.cm.ctrl is not
owned by root, then cmsetuser will set the uid and gid of
cmprogram to the userid and groupid of the owner of the
control file and set the umask to 022 before executing
cmprogram.
Options
When cmsetuser is invoked with the -v option, it will echo
the reason it couldn't setuid to the owner of the directory
argument to standard error. This can also be accomplished by
setting the CMDEBUG shell environment variable to any
non-null value.
ENVIRONMENT
CMDEBUG
When set, this variable performs the same function as
the -v option described above.
INSTALLATION
As delivered, cmsetuser is NOT configured to run as a setuid
program. If you need the functionality provided by
cmsetuser, you must perform the following commands while
logged in as root.
    cd ~ddts/bin
    chown root cmsetuser
    chmod 4111 cmsetuser
The source program cmsetuser.c is provided in the ~ddts/etc
directory so that it can be modified or analyzed before
being used.
CM PROGRAMS
The following programs are considered valid cm programs by
cmsetuser. Mkdir is included as it is needed by the rcs cm
tools.
/usr/bin/ci
/usr/bin/co
/usr/bin/rcs
/usr/local/bin/ci
/usr/local/bin/co
/usr/local/bin/rcs
/usr/ucb/sccs
/usr/bin/mkdir
FILES
.ddts.cm.ctrl
The control file found somewhere in the user's
directory hierarchy. Ownership (both user and
group) is important because it will be used to
setuid and setgid cmprogram. If the file is
empty, any user may have access; otherwise the
file is scanned for a freeform list of usernames,
and if the user is found to be among the list, the
user will gain access.
$DDTSHOME/bin/cm.rcs
The file of rcs cm commands sourced by cm.tty.sh.
$DDTSHOME/bin/cm.sccs
The file of sccs cm commands sourced by cm.tty.sh.
SEE ALSO
cm.sh(1), cm.tty.sh(1), cm2ddts(1)