Pharos firmware 2.2.0 and Privilege Separation
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hello TP-Link,
obviously Pharos firmware 2.2.0 did introduce privilege separation for the SSH login shell. The shell does not allow to run commands which require root permissions.
Albeit it's a good idea to use privilege separation, there needs to be a way for authorized admins to run even privileged commands through ssh. For example, I need to be able to run the built-in radartool utility, which isn't possible anymore in Pharos v2.2.0 due to missing root permissions. But there is no way (at least I don't know of a way) to become root.
Why?
I'm aware that TP-Link preserves the right to change technical specifications and functions in order to improve product quality. But I think it's not o.k. to change firmware to remove functionality present before. This happened not only with Pharos products (i.e. removal of second Ethernet port, PoE pass-through on EU version of CPE510) , but also with Omada Controller (i.e. removing Client Isolation setting in favour of Guest Network).
Please consider adding a mechanism to become root in Pharos 2.2.0 again. You could either provide the su command or the sudo command to allow the admin user to become root (that's what an admin is supposed to be, isn't it?). As a last resort - and most easy to fix - you could set the SUID bit on the radartool executable and change ownership of the file to root.
Proof:
Pharos up to v2.1.13 (tested on CPE510 v1.1):
# radartool numdetects
Radar: detected 0 radars
#
Pharos v2.2.0 (tested on the same CPE510):
$ radartool numdetects
radartool: wifi0: Operation not permitted
$ su
-sh: su: not found
$
BTW: The SSH setting is being reset on firmware updates even if »Keep settings« has been selected.
Hello Scott.Tao,
mis-understanding - my fault, sorry. Pharos Control is still 2.0.0-1 for Linux and 2.0.4 for Windows on the TP-Link support site in my country. If you want a newer version 2.0.4 of Pharos Control for Linux, see my port of v2.0.4 for Linux here. I just took over Java classes from the Windows version and added missing privilege separation for the controller by modifying the shell script which starts the controller. It also includes some polishing of the HTML code for the controller's web UI.
I clarified the title of the posting: it is about privilege separation added by TP-Link in Pharos firmware v2.2.0 (not controller!). The official version of Pharos Control still has no privilege separation.
You can find Pharos firmware v2.2.0 on the support site for CPE510 v3. It also installs and runs fine on almost all older Pharos devices (CPE210 v1, CPE510 v1.1 WBS210, WBS510) except CPE210 v2/v3 models, probably due to a new HW design of those two. For Pharos firmware 2.2.1 see WBS510 v2, but not yet fully tested - was just released today.
It's confusing, I know. But detection of model and region is done by the universal firmware on devices listed above (almost certainly contained in the ART partition of the flash memory). That's why you can install CPE510 and CPE610 firmware on other models, too.
FYI: Following Pharos firmware versions run fine on CPE/WBS (except on CPE210 v2/v3 and probably on CPE610):
drwxr-xr-x 4 pharos staff 136 25 Dez 2018 Phaors-1.3.3-20160705
drwxr-xr-x 4 pharos staff 136 25 Dez 2018 Pharos-2.0.0-20161117
drwxr-xr-x 4 pharos staff 136 25 Dez 2018 Pharos-2.1.0-20170609
drwxr-xr-x 4 pharos staff 136 25 Dez 2018 Pharos-2.1.6-20170908
drwxr-xr-x 4 pharos staff 136 11 Mai 2018 Pharos-2.1.11-20180117
drwxr-xr-x 4 pharos staff 136 25 Dez 2018 Pharos-2.1.12-20180202
drwxr-xr-x 5 pharos staff 170 25 Dez 2018 Pharos-2.1.13-20180327
drwxr-xr-x 5 pharos staff 170 28 Feb 17:01 Pharos-2.2.0-20190125
drwxr-xr-x 5 pharos staff 170 22 Aug 04:25 Pharos-2.2.1-20190718
It's becoming lesser confusing if firmware filenames would be more structured as shown above. 