[Simh] simh and tap device under linux

Tim Newsham newsham at lava.net
Tue Aug 25 13:45:45 EDT 2009


> The other technique works as long as you have 'sudo' installed. You
> can add a line to your /etc/sudoers file to let a normal user (login
> 'foobar') run the executable as root:
>
> foobar           ALL=NOPASSWD: /path/to/pdp11

You might as well just give root access to the person who will
run pdp11.  If it's setuid you can just shell out and run
commands as root:

   $ id
   uid=500(newsham) gid=500(users) groups=500(users),0(wheel)
   $ ls -l pdp11-suid
   -rwsr-xr-x  1 root  users  1229586 Aug 25 07:37 pdp11-suid*
   $ ./pdp11-suid

   PDP-11 simulator V3.7-3
   sim> ! id
   uid=500(newsham) gid=500(users) euid=0(root) groups=500(users),0(wheel)
   sim>

Removing the shell-out facility won't really make it much
harder to gain full root privileges as simh is a fairly powerful
engine and was never designed to prevent privilege escalation
when run setuid root.

> Both techniques are a security risk, but as they say, life involves
> risk. :-) Only you can decide how much security trade-off you're
> willing to live with.

Just make sure you're aware how big of a trade-off this is.
A better solution would be to adjust your system to allow
certain non-root users to get access to the sockets needed
or patch simh to grab the socket as early as possible and
then drop any elevated euid.

> -Seth

Tim Newsham
http://www.thenewsh.com/~newsham/
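
The "grab the socket as early as possible and then drop any elevated euid" pattern suggested above, as an added C example (not part of the original post and not simh code). The function names open_early and drop_privileges are hypothetical, and /dev/net/tun is an assumed stand-in for whatever privileged resource the simulator needs.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Open the privileged resource while the euid is still elevated.
 * Close-on-exec keeps it out of any shell the program later spawns. */
int open_early(const char *path)
{
    int fd = open(path, O_RDWR);
    if (fd >= 0 && fcntl(fd, F_SETFD, FD_CLOEXEC) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Permanently drop to the invoking user's real ids.
 * Returns 0 when dropped and verified, 1 when the real uid is already
 * root (nothing to drop to), -1 on failure (the caller must exit). */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (ruid == 0)
        return 1;
    /* Group first: after setuid() we could no longer change it. With
     * euid 0 these calls set the real, effective and saved ids. */
    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (setuid(0) == 0)
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(void)
{
    /* Assumed resource: the Linux TUN/TAP clone device. */
    int fd = open_early("/dev/net/tun");
    if (drop_privileges() < 0) {
        fprintf(stderr, "could not drop privileges\n");
        return 1;
    }
    printf("fd=%d uid=%d euid=%d\n", fd, (int)getuid(), (int)geteuid());
    /* The simulator would start here, using fd, with no root euid. */
    return 0;
}
```

Run from a setuid-root binary, a later "! id" would report no euid=0, because the saved uid is gone as well as the effective one.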


