You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Original bug ID: 7651 Reporter: ksk Status: resolved (set by @xavierleroy on 2017-10-05T08:33:16Z) Resolution: not a bug Priority: normal Severity: minor OS: Mac OS X OS Version: 10.12.6 Version: 4.05.0 Category: standard library Monitored by:@gasche
Bug description
When the executable file is compiled with unix.cma,
Unix.getuid and Unix.geteuid return the same value
even if the file has the sticky bit and is run by a non-owner.
Unix.geteuid must return the owner's uid.
This can be observed even for a Linux platform CentOS 6.
Steps to reproduce
Save the following program as suidtest.ml
let () = Format.printf "uid=%d@.euid=%d@." (Unix.getuid()) (Unix.geteuid())
Compile with unix.cma and set the sticky bit to it.
ocamlc -o suidtest unix.cma suidtest.ml
chmod u+s suidtest
Execute it as the root.
sudo ./suidtest
Then the output is:
uid=0
euid=0
If it is compiled with unix.cmxa as a native code like:
ocamlopt -o suidtest unix.cmxa suidtest.ml
then the result is correctly
uid=0
euid=503
The text was updated successfully, but these errors were encountered:
Bytecode executables generated by ocamlc are #!-scripts for the ocamlrun bytecode interpreter. Most if not all Unix kernels ignore setuid bits on scripts, and probably for good security reasons.
If you want to write a setuid application in OCaml, compile it to a real executable using "ocamlopt" or even "ocamlc -custom".
Original bug ID: 7651
Reporter: ksk
Status: resolved (set by @xavierleroy on 2017-10-05T08:33:16Z)
Resolution: not a bug
Priority: normal
Severity: minor
OS: Mac OS X
OS Version: 10.12.6
Version: 4.05.0
Category: standard library
Monitored by: @gasche
Bug description
When the executable file is compiled with unix.cma,
Unix.getuid and Unix.geteuid return the same value
even if the file has the sticky bit and is run by a non-owner.
Unix.geteuid must return the owner's uid.
This can be observed even for a Linux platform CentOS 6.
Steps to reproduce
Save the following program as suidtest.ml
let () = Format.printf "uid=%d@.euid=%d@." (Unix.getuid()) (Unix.geteuid())
Compile with unix.cma and set the sticky bit to it.
ocamlc -o suidtest unix.cma suidtest.ml
chmod u+s suidtest
Execute it as the root.
sudo ./suidtest
Then the output is:
uid=0
euid=0
If it is compiled with unix.cmxa as a native code like:
ocamlopt -o suidtest unix.cmxa suidtest.ml
then the result is correctly
uid=0
euid=503
The text was updated successfully, but these errors were encountered: