[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Gringotts on FC3



On Tue, 7 Mar 2006, Steffen Kluge wrote:

On Sun, 2006-03-05 at 16:23 -0800, Benjamin Franz wrote:
Try putting the following in a script and then run it using the script.
Don't ask me why it works.

#!/bin/bash
/usr/bin/strace /usr/bin/gringotts 2> /dev/null

Does *anyone* know why it works? I've been doing the strace trick ever
since it broke (I know it worked fine in FC2). What would make gringotts
reliably fail (segfault) when run directly, but reliably succeed when
run under strace? Some sort of race condition? I've done a great many
builds of gringotts and its libs, using different combinations of
compiler switches, but they all segfault eventually.

Gringotts looks like a fine secure container for those who don't need a
whole encrypted filesystem. There don't seem to be any work-alikes in
Fedora, so I'd be very pleased if it started working properly again.

Some Googling gave me this:

http://lists.debian.org/debian-kernel/2004/11/msg00372.html

The quick and dirty fix: Remove setuid from /usr/bin/gringotts

As root: chmod -s /usr/bin/gringotts

I tested it. It worked.

The 64 dollar question is why the heck it is running setuid in the first place?

--
Benjamin Franz

If you can't handle reality, it *will* handle you.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]