Purpose: to investigate issues relating to writing set-userid Tk applications.
Here's a simple set-userid application that I'm using as a demonstration of the machinations one has to go through to get this stuff to work..
$ cat setuid.sh
#! /bin/sh
/usr/tcl83/bin/tclsh /home/lwv26/setuid.tcl
$ cat setuid.tcl
#!/bin/sh
# \
exec /usr/tcl83/bin/tclsh "$0" ${1+"$@"}
package require Tclx
set i [info loaded]
puts $i
set efd1 [open "/tmp/effective" "w"]
puts $efd1 "output"
close $efd1
# A file owned by the effective user id was just created
# Now, change users so that Tk can be done.
set effective [id effective userid]
set real [id userid ]
puts "Before: realid = $real effectiveid = $effective"
id userid $real
puts "After: realid = $real effectiveid = $effective"
load /usr/tcl83/lib/libtk8.3.so
proc quitApp { args } {
puts [format "%s" $args]
}
set res [wm protocol . WM_DELETE_WINDOW quitApp]
puts $res
button .b -text 0 -command {.b config -text [expr [.b cget -text]+1]}
pack .b ;#RS
vwait forever
puts "All done now"
$ su differentuid
Password:
% chmod 4755 setuid.sh
$
$ /home/lvirden/setuid.sh
Before: realid = 203 effectiveid = 3750
After: realid = 203 effectiveid = 3750followed by the appearance of a button. Attempts to close out the button just result in output to stdout and the button continuing.
I'd love to hear from you on what else I need to consider, and how we could make this much less painful.