Wednesday, Debtember 04, 2002
Silent BlogIt's that month.
The one month I wish I could skip entirely. I want to hibernate, to avoid any conscience moments in a month of forced cheer, out of control spending, Christmas Carols, and ever increasing traffic levels.
Unfortunately, it's progressing … one … day
Also, both Spring and I have been rather down lately. I also feel less inclined to do stuff and would rather just hang out and converse with friends. The problem with even that though, is getting in the right mood for conversing; it doesn't help that my sleep schedule is all screwed up to the point where I'm actually getting up in the morning!
If you know me at all, you know that is not a normal thing for me.
Anyway, some email from readers about previous entries:
From: Jeff Cuscutis
To: Sean Conner
Subject: Mail service
Date: Wed, 27 Nov 2002 23:25:50 -0500
Saw the http://boston.conman.org/2002/11/23.1 3 days entry. My boss had the same thing happen this week. He checks his mail once a week. They returned his mail. He was not pleased and called them up. After insulting them “I'm sorry, but no one who answers a phone is a supervisor,” he told them his vacation plans: he will be gone every Monday through Friday for the next 3 months so he will only get mail service on Saturdays.
I guess I can take solice in that we're not the only ones with this problem.
To: Sean Conner
Subject: Hey ...
Date: Fri, 29 Nov 2002 17:02:22 -0500
Hey, man, I just hit your page with the New Opera 7, Beta 1, and it's following some nice little tags that you have in your HTML ... check it out ... it's pretty bad ass ... Of course, it's gotta be on a windows box, cause Opera's development on Linux, and all things non-windows is just a bit behind.
I put a screenshot in
Kinda large, cause they're bitmaps, but it's kinda impressive. I haven't seen this sort of functionality on any of the other browsers ... at least, not straight out of the box, so I was a bit impressed with this.
Opera finally supports the <LINK> tags it seems, and unlike Mozilla you don't have to turn it on. I suspect (not having seen Opera in action) that the navigation bar only comes up on sites that have the <LINK> tags. It's nice to see that tags I started using some four or five years ago finally getting use ...
From: Steve Crane
To: Sean Conner
Subject: International Money Orders
Date: Sat, 30 Nov 2002 22:13:15 +0200
I liked your story about the money order. Of course if you were dealing with a South African you would have got it right away. We call them POSTAL orders. :-)
And now I know (for the record, Steve is a friend from South Africa, if your curious about the time zone in the date).
To: Sean Conner
Subject: Engineering Porn
Date: Mon, 2 Dec 2002 21:21:53 -0500
Where did you hear about pronography being used in that manner? I'm reading a cyberpunk book, Synners, right now and it mentions porn in that context. It was the first time I've ever heard it used in that manner, so I was quite surprised to see it a few days later in your journal.
I actually got it from the same book, and I'm sure that's where jwz got it from as well (I titled that entry the same as his entry by the way). I read that book, oh, what? Eight years ago or so and it's stuck with me ever since. The first draft of that entry mentioned Synners but a subsequent edit removed it (for better flow).
“The check is done with the process' real id … ”
Your journal software leaves the content files world writable:
That is not so much a bug as a work-around the rather brain-damaged Unix permissions. The software accepts new entries via email or a web interface (okay, so I've yet to actually use the web interface, it's there if I ever need it) and since sendmail writes files as “mail/mail” and the web server runs as “www/www” and since I can upload files (usually images) as “spc/users” there's a bit of a problem.
Why not just have those programs execute SUID/SGID as spc/users? Then there is no problem. Assuming those programs check paths so I can't do anything naughty that shouldn't be a security risk at all.
This is something I'm willing to live with.
I can cook you up a comment system :-)
Email exchange between Mark and myself about mod_blog
Since Mark also has access to the webserver, it would be rather easy for him to “cook up a comment system.”
Anyway, I've spent the past hour or so working on making mod_blog SUID and not having much success.
Or rather, partial success.
New entries are added, that isn't the problem. The problem is in displaying the entries (and in generating a few static pages like the main page and the RSS feed which technically I don't have to do, but it lightens the load on the server if I do). And tracking down the problem wasn't straight forward—it worked fine if I (as me) ran it under my own user ID, but it would fail if I ran it as another user (which is odd, since the program, being SUID should have run as me reguardless of who started it). And gdb doesn't allow one to debug a SUID program if you run it as a different user than the one who owns it.
That just means I have to resort to other means to debug the program, which is a skill I picked up, despite being tediously annoying (okay, gdb may be able to debug a SUID program as someone other than the owner, but I don't know the magic incantations to do such a thing and I'm trying to track down a problem with my code; I don't really want to fight another program at this time).
I finally found the problem, and it's a Unix problem.
The current method I use to store entries is to store each one in its own file, using a directory structure as so:
year “/” month “/” day “/”
where the directory “day” contains the actual entries.
Now, not every day or month has to be there (heck, entire years can be skipped), so as a quick check I use the access() function to see if a date (as stored on the disk) exists.
access checks whether the process would be allowed to read, write, or test for existence of the file (or other file system object) whose name is pathname. If pathname is a symbolic link permissions of the file referred to by this symbolic link are tested.
access(2) manual page
Since I'm testing for the existence of a directory (and I don't really want to change into it or even at this point open the directory for reading) access() seems the perfect choice to use. But reading a bit further …
The check is done with the process's [sic] real uid and gid, rather than with the effective ids as is done when actually attempting an operation. This is to allow set-UID programs to easily determine the invoking user's authority.
access(2) manual page
So while all the damaging system calls use the effective user id, the safest system call you can make, the one that does practically nothing, uses the real user id.
Tell me again how this helps?
So, even though the program supposedly runs under my user id, it really isn't and I have to tell the system that it should. setreuid() should solve that problem.
Three years and still going …I just realized that today is the Third Anniversary of The Boston Diaries.
My, how time flies …