| Author |
Ubuntu Question |
GreyFox
Member

Posts: 128
Location:
Joined: 23.09.05 Rank: HBH Guru |
|
i'm learning about linux structure so these questions just came up.
Does the gnome's gui logoff/shutdown/byebye app or w/e u wanna call it have root access ?? I suppose it should but just making sure. and well if not, then how does it run shutdown which requires root access ?? and if it does, does it mean that if let's say somehow someone could find an exploit in it and execute a command, that command would be run under root privileges ??
|
|
| Author |
RE: Ubuntu Question |
zeus_the_moose
ASM freak

Posts: 81
Location: Mpls., MN
Joined: 07.02.06 Rank: God |
|
No, you are not understanding how system calls work. The user level application that requests shutdown does not have access to the code that actually performs the shutdown itself. This is how operating systems maintain safety from user level code.
When you press shutdown in your desktop environment, it makes a call to a kernel function that does the shutdown for you. At no time does the user have direct access to this code (unless of course we find an exploit in the kernel level code).
Basically think of it like a doorway with a little hole to pass stuff through. You are baking a cake on your side of the door, but the only way for you to get the supplies you need to bake this cake is by requesting them from the stock keeper on the other side of the door. When you ask him for a cup of flour, he will go and find the flour, measure out a cup of it, and pass it through the hole to your side. You then can continue with baking your cake and you repeat this process until you are done. At no time are you allowed to pass through to the other side.
Now, there are multiple ways to get through to the other side (i.e. buffer overflows and other fun methods like patching the SSDT, IDT etc). But under normal operation, you have no way to change kernel code.
~The keyboard is mightier than the sword.~ |
|
| Author |
RE: Ubuntu Question |
fuser
Member

Posts: 311
Location: in front of a computer (duh)
Joined: 05.04.07 Rank: Hacker Level 1 |
|
wow, fascinating.




 |
|
| Author |
RE: Ubuntu Question |
GreyFox
Member

Posts: 128
Location:
Joined: 23.09.05 Rank: HBH Guru |
|
wow thanks for the answer, i appreciate it. My assumption was that the program uses "shutdown" app, or "pm-suspend" or etc to handle those requests but never thought it would do it directly. now a new question just came up. So that program calls for a shutdown to kernel, and kernel does the rest correct ?? but doesn't kernel ask "who the hell are you to ask for this ??" from the programs ?? and if it does, how does it decide whether that program has the right to ask for such a thing. In ur example, how does the supplier decide whether to give u wat u need or not ?
|
|
| Author |
RE: Ubuntu Question |
Sabrewulf
Member

Posts: 106
Location:
Joined: 22.03.07 Rank: Mad User |
|
|
zeus_the_moose wrote:
No, you are not understanding how system calls work. The user level application that requests shutdown does not have access to the code that actually performs the shutdown itself. This is how operating systems maintain safety from user level code.
When you press shutdown in your desktop environment, it makes a call to a kernel function that does the shutdown for you. At no time does the user have direct access to this code (unless of course we find an exploit in the kernel level code).
Basically think of it like a doorway with a little hole to pass stuff through. You are baking a cake on your side of the door, but the only way for you to get the supplies you need to bake this cake is by requesting them from the stock keeper on the other side of the door. When you ask him for a cup of flour, he will go and find the flour, measure out a cup of it, and pass it through the hole to your side. You then can continue with baking your cake and you repeat this process until you are done. At no time are you allowed to pass through to the other side.
Now, there are multiple ways to get through to the other side (i.e. buffer overflows and other fun methods like patching the SSDT, IDT etc). But under normal operation, you have no way to change kernel code.
+1 for Zeus!
 |
|
| Author |
RE: Ubuntu Question |
zeus_the_moose
ASM freak

Posts: 81
Location: Mpls., MN
Joined: 07.02.06 Rank: God |
|
|
GreyFox wrote:
wow thanks for the answer, i appreciate it. My assumption was that the program uses "shutdown" app, or "pm-suspend" or etc to handle those requests but never thought it would do it directly. now a new question just came up. So that program calls for a shutdown to kernel, and kernel does the rest correct ?? but doesn't kernel ask "who the hell are you to ask for this ??" from the programs ?? and if it does, how does it decide whether that program has the right to ask for such a thing. In ur example, how does the supplier decide whether to give u wat u need or not ?
You are asking exactly the right questions, good job. You should open up your shell and type in man shutdown. It will describe how the system shuts itself down and answer all of your questions. The shutdown command does have access control built in, so if you wish to prevent some users from shutting the computer down, you can do so.
In fact, every program on your unix system has access control built in. Unix separates user permissions into three groups (UGO or User Global Other). The user is the owner of the file, group is the group that the owner belongs to, and other is any other users on the system.
Navigate to your /bin or /sbin directory and type in ls -l. The first column (----------) shows the file type and permissions. The first - represents the file type, this can be regular file (-), directory (d), symbolic-link (l), or a couple of other symbols representing special file types (like block-special, character-special, FIFO, and socket). In fact, every single i/o operation on unix is done through a file.
The last nine -'s represent the user permissions, broken into groups of three looking like ---. The first character (r) is the read permission for the particular group, meaning if you see an r this type of user is allowed to read the file. The second character is the write permission (w), again if it is set the user has permission to append or overwrite the file. The third character represents the execute permission (x), if this is set that user is allowed to execute the file.
EDIT:
I should have explained this earlier: when you call shutdown it will call a user app. You could even code your own shutdown app if you wanted. But the kernel level stuff that actually shuts the computer down is completely transparent to you (the kernel has code to flush buffers to file and send the SIGKILL signal to programs etc). You cannot directly (without special tricks) modify how the operating system sends signals to programs, but if you have user level access you can tell the kernel to kill any program you have access over. Operating systems are designed in this manner. The kernel has absolute control over hardware; you as a user will at no time have direct access to these resources. You must use the kernel to talk to the hardware for you.
We should also consider drivers, they are kinda like a kernel intermediate. The driver has more access to the system as it is the go-between for the hardware and the kernel. The kernel uses the driver to talk to the hardware and the user apps talk to the driver to get stuff from hardware (using IRPs and such, which are really called by the kernel but the user app has access to the calls). This is why you see so many rootkits implemented as drivers, they have more direct access over the hardware which allows them to play tricks that a normal user cannot.
~The keyboard is mightier than the sword.~
Edited by zeus_the_moose on 11-05-08 21:25 |
|
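The permission column described in the post above, decoded in C as an added example (not code from the thread): `mode_string` rebuilds the first `ls -l` column from a mode word, and `may_execute` shows that only one triplet is consulted (owner, else group, else other). The octal constants are the Linux `st_mode` values and the function names are illustrative; setuid/setgid/sticky bits, supplementary groups, the root override and ACLs are left out.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Linux st_mode layout (octal): high bits = file type, low nine bits = rwx x3. */
enum { TYPE_MASK = 0170000, T_FIFO = 0010000, T_CHR = 0020000, T_DIR = 0040000,
       T_BLK = 0060000, T_LNK = 0120000, T_SOCK = 0140000 };

/* Rebuild the 10-character first column of `ls -l` from a mode word. */
void mode_string(unsigned mode, char out[11])
{
    memcpy(out, "----------", 11);       /* all dashes plus NUL; '-' = regular file */
    switch (mode & TYPE_MASK) {
    case T_DIR:  out[0] = 'd'; break;
    case T_LNK:  out[0] = 'l'; break;
    case T_CHR:  out[0] = 'c'; break;
    case T_BLK:  out[0] = 'b'; break;
    case T_FIFO: out[0] = 'p'; break;
    case T_SOCK: out[0] = 's'; break;
    }
    for (int i = 0; i < 9; i++)          /* bit 8 = owner r ... bit 0 = other x */
        if (mode & (1u << (8 - i)))
            out[1 + i] = "rwxrwxrwx"[i];
}

/* Select the ONE triplet that applies to the caller and test its x bit.
   Simplified model: one group per caller, no root override, no ACLs. */
bool may_execute(unsigned mode, unsigned file_uid, unsigned file_gid,
                 unsigned uid, unsigned gid)
{
    if (uid == file_uid) return (mode & 0100) != 0;   /* owner triplet */
    if (gid == file_gid) return (mode & 0010) != 0;   /* group triplet */
    return (mode & 0001) != 0;                        /* other triplet */
}

int main(void)
{
    char s[11];
    /* Constructed sample: regular file, mode 750, owned by uid 0 / gid 0. */
    mode_string(0100750, s);
    printf("%s  uid 1000 may execute: %d\n", s,
           may_execute(0100750, 0, 0, 1000, 1000));
    return 0;
}
```

Because the owner triplet is chosen first, a file with mode 075 is not executable by its own owner even though everyone else may run it.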
| Author |
RE: Ubuntu Question |
GreyFox
Member

Posts: 128
Location:
Joined: 23.09.05 Rank: HBH Guru |
|
ok I see what ur saying and i read the shutdown man page. (just using shutdown as an example here). So the shutdown basically just changes the runlevel using telinit. i also checked man telinit and the privileges of that app. it turns out all users have the right to execute it but when i run for example "telinit 0" it says "you need to be root". and that's exactly the same error output for shutdown. I guess that telinit also calls for runlevel change from init and that's where the error arises, right ? or maybe it's kernel that throws this error. in this case, the kernel or init only allow changing the runlevel to be done by a root user, right ?
haha linux is so fun
|
|
| Author |
RE: Ubuntu Question |
zeus_the_moose
ASM freak

Posts: 81
Location: Mpls., MN
Joined: 07.02.06 Rank: God |
|
I am not exactly sure how they implemented the shutdown function, as I have never needed to code a program that implements a system shutdown. I would make an educated guess that the reason it requires root is that you are trying to kill root processes and you don't have this permission. But to be quite honest, I really don't know exactly.
~The keyboard is mightier than the sword.~ |
|
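On the kernel side of the question in this exchange, Linux refuses the `reboot(2)` system call with `EPERM` unless the caller holds the `CAP_SYS_BOOT` capability, whatever the execute bits on the tool that asked. The added example below (not code from the thread) reads the `CapEff` mask from `/proc/<pid>/status` text and tests that bit; the function names and the sample status texts are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_SYS_BOOT_BIT 22   /* value of CAP_SYS_BOOT in <linux/capability.h> */

/* Find the "CapEff:" line in /proc/<pid>/status text and test one bit. */
bool status_has_cap(const char *status, int cap_bit)
{
    const char *p = strstr(status, "CapEff:");
    if (!p)
        return false;
    unsigned long long mask = strtoull(p + 7, NULL, 16);  /* skips the tab */
    return ((mask >> cap_bit) & 1ULL) != 0;
}

/* Would the kernel accept reboot(2) from the current process? */
bool self_may_reboot(void)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return false;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return status_has_cap(buf, CAP_SYS_BOOT_BIT);
}

/* Constructed samples: full root, ordinary user, uid 0 with the bit dropped. */
static const char ROOT_STATUS[] =
    "Name:\tshutdown\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n";
static const char USER_STATUS[] =
    "Name:\ttelinit\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n";
static const char DROPPED_STATUS[] =
    "Name:\tshutdown\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffbfffff\n";

int main(void)
{
    printf("root sample:    %d\n", status_has_cap(ROOT_STATUS, CAP_SYS_BOOT_BIT));
    printf("user sample:    %d\n", status_has_cap(USER_STATUS, CAP_SYS_BOOT_BIT));
    printf("dropped sample: %d\n", status_has_cap(DROPPED_STATUS, CAP_SYS_BOOT_BIT));
    printf("this process:   %d\n", self_may_reboot());
    return 0;
}
```

The third sample is the case worth noticing: the process is uid 0, yet the kernel would still reject its reboot request because the capability bit is cleared.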
| Author |
RE: Ubuntu Question |
yours31f
Member

Posts: 645
Location: where you send your lottery tickets.
Joined: 27.04.07 Rank: Hacker Level 3 Warn Level: 20
|
|
ok so i have a new question. Can you move programs/files from one os to another?

|
|
| Author |
RE: Ubuntu Question |
new_hack8912
Member
Posts: 14
Location:
Joined: 23.10.07 Rank: Uber Elite |
|
|
yours31f wrote:
ok so i have a new question. Can you move programs/files from one os to another?
Yes you can. So say you have windows on your hard drive and are running linux. You can go into /mnt/sda2/Windows or wherever you might want to go. Then just use cp to copy the file and put it where you want into linux.
For example,
cp -r /mnt/sda2/Windows /etc
This would copy the Windows folder to /etc in linux. |
|
| Author |
RE: Ubuntu Question |
lazybum
Member
Posts: 24
Location:
Joined: 18.01.08 Rank: Active User |
|
|
You also need to make sure your version of Linux can work with NTFS partitions. (or whatever partitioning format your disk used.) Even then it might throw out an error message about permissions or bad cycles and stuff. Linux doesn't really want to interact with windows by default but it's been improving in that regard. Also, windows hates Linux so you'll have a bit more difficulty going the other way. Everything is stored on the hard drive either way but the OS needs to read the partitioning tables to get at it and Linux and Windows use different partitioning table formats. |