Ubuntu Question
i'm learning about linux structure so these questions just came up.
Does the gnome's gui logoff/shutdown/byebye app or w/e u wanna call it has root access ?? I suppose it should but just making sure. and well if not, then how does it run shutdown which requires root access ?? and if it does, does it mean that if lets say somehow someone could find an exploit in it and execute a command, that command would be ran under root privilages ??
No, you are not understanding how system calls work. The user level application that requests shutdown does not have access to the code that actually performs the shutdown itself. This is how operating systems maintain safety from user level code. When you press shutdown in your desktop environment, it makes a call to a kernel function that does the shutdown for you. At no times does the user have direct access to this code (unless of course we find an exploit in the kernel level code). Basically think of it like a doorway with a little hole to pass stuff through. You are baking a cake on your side of the door, but the only way for you to get the supplies you need to bake this cake are by requesting them from the stock keeper on the other side of the door. When you ask him for a cup of flour, he will go and find the flour, measure out a cup of it, and pass it through the hole to your side. You then can continue with baking your cake and you repeat this process until you are done. At no times are you allowed to pass through to the other side. Now, there are multiple ways to get through to the other side (i.e. buffer overflows and other fun methods like patching the SSDT, IDT etc). But under normal operation, you have no way to change kernel code.
wow thanks for the answer, i appreciate it. My assumption was that the program uses "shutdown" app, or "pm-suspend" or etc to handle those requests but never thought it would do it directly. now a new question just came up. So that programs calls for a shutdown to kernel, and kernel does the rest correct ?? but doesnt kernel ask "who the hell are you to ask for this ??" from the programs ?? and if it does, how does it decide weather that program has the right to aks for such a thing. In ur example, how does the supplier decide whether to give u wat u need or not ?
zeus_the_moose wrote: No, you are not understanding how system calls work. The user level application that requests shutdown does not have access to the code that actually performs the shutdown itself. This is how operating systems maintain safety from user level code. When you press shutdown in your desktop environment, it makes a call to a kernel function that does the shutdown for you. At no times does the user have direct access to this code (unless of course we find an exploit in the kernel level code). Basically think of it like a doorway with a little hole to pass stuff through. You are baking a cake on your side of the door, but the only way for you to get the supplies you need to bake this cake are by requesting them from the stock keeper on the other side of the door. When you ask him for a cup of flour, he will go and find the flour, measure out a cup of it, and pass it through the hole to your side. You then can continue with baking your cake and you repeat this process until you are done. At no times are you allowed to pass through to the other side. Now, there are multiple ways to get through to the other side (i.e. buffer overflows and other fun methods like patching the SSDT, IDT etc). But under normal operation, you have no way to change kernel code.
+1 for Zeus!
GreyFox wrote: wow thanks for the answer, i appreciate it. My assumption was that the program uses "shutdown" app, or "pm-suspend" or etc to handle those requests but never thought it would do it directly. now a new question just came up. So that programs calls for a shutdown to kernel, and kernel does the rest correct ?? but doesnt kernel ask "who the hell are you to ask for this ??" from the programs ?? and if it does, how does it decide weather that program has the right to aks for such a thing. In ur example, how does the supplier decide whether to give u wat u need or not ? You are asking exactly the right questions, good job. You should open up your shell and type in man shutdown. It will describe how the system shuts itself down and answer all of your questions. The shutdown command does have access control built in, so if you wish to prevent some users from shutting the computer down, you can do so.
In fact, every program on your unix system has access control built in. Unix separates user permissions into three groups (UGO or User Global Other). The user is the owner of the file, group is the group that the owner belongs to, and other is any other users on the system.
Navigate to your /bin or /sbin directory and type in ls -l. The first column (–––––) shows the file type and permissions. The first - represents the file type, this can be regular file (-), directory (d), symbolic-link (l), or a couple of other symbols representing special file types (like block-special, character-special, FIFO, and socket). In fact, every single i/o operation on unix is done through a file.
The last nine -'s represent the user permissions, broken into groups of three looking like —. The first character (r) is the read permission for the particular group, meaning if you see a r this type of user is allowed to read the file. The second character is the write permission (w), again if it is set the user has permission to append or overwrite the file. The third character represents the execute permission (x), if this is set that user is allowed to execute the file.
EDIT: I should have explained this earlier, when you call shutdown it will call a user app. You could even code your own shutdown app if you wanted. But the kernel level stuff that actually shuts the computer down is completely transparent to you (the kernel has code to flush buffers to file and send the SIGKILL signal to programs etc). You cannot directly (without special tricks) modify how the operating system sends signals to programs, but if you have user level access you can tell the kernel to kill any program you have access over. Operating systems are designed in this manner. The kernel has absolute control over hardware, you as a user will at no times have direct access to these resources, you must use the kernel to talk to the hardware for you. We should also consider drivers, they are kinda like a kernel intermediate. The driver has more access to the system as it is the go between for the hardware and the kernel. The kernel uses the driver to talk to the hardware and the user apps talk to the driver to get stuff from hardware (using IRPs and such, which are really called by the kernel but the user app has access to the calls). This is why you see so many rootkits implemented as drivers, they have more direct access over the hardware which allows them to play tricks that a normal user cannot.
ok I see what ur saying and i read the shutdown man page. (just using shutdown as an example here). So the shutdown basicly just changes the runlevel using telinit. i also checked man telinit and the privileges of that app. it turns out all users have the right to execute it but when i run for example "telinit 0" it says "you need to be root". and thats exactly the same error output for shutdown. I guess that telinit also calls for runlevel change from init and thats where the error arises, right ? or maybe its kernel that throws this error. in this case, the kernel or init only allow changing the runlevel to be done by a root user, right ?
haha linux is so fun
I am not exactly sure how they implemented the shutdown function, as I have never needed to code a program that implements a system shutdown. I would make an educated guess that the reason it requires root is that you are trying to kill root processes and you don't have this permission. But to be quite honest, I really don't know exactly.