iconv_open fails when suid bit is on
Elazar Leibovich
elazarl at gmail.com
Mon Feb 13 10:56:31 IST 2012
In RHEL 5 system, libc-6, I'm seeing the following strange phenomena
$ cat iconv_test.c
#include <stdio.h>
#include <errno.h>
#include <fcntl.h>
#include <iconv.h>
void iconv_test() {
static int nr = 0;
iconv_t iconv = iconv_open("MSCP949","UTF-8");
//iconv_t iconv = iconv_open("UTF-16","UTF-8");
if (iconv == (iconv_t)-1) {
puts( "can't initialize iconv");
} else {
puts( "iconv open success!" );
}
nr++;
}
int main(int argc,char **argv) {
iconv_test();
return 0;
}
$ gcc iconv_test.c
$ ./a.out
iconv open success!
$ sudo su -
# chown root:foo a.out
# chmod 4555 a.out
# su foo -
$ ./a.out
can't initialize iconv
$ strace ./a.out 2>/dev/null
iconv open success!
iconv_open on UTF-16 to UTF-8 succeeds!
This phenomena doesn't happen in recent Ubuntu.
I'm not familiar with the inner workings of iconv, but stracing a good
iconv run reveals it dlopen so files according to the chosen encodings,
maybe it's related.
1) I'll be glad for any thoughts or ideas how to debug this issue, other
than downloading the libc source rpm, compiling it, LD_PRELOAD, and hope
the problem will be recreated.
2) If someone can test this on a RHEL-5 machine, and report if it happens
to him too, it could be helpful.
Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20120213/34ac677c/attachment.html>
More information about the Linux-il
mailing list