From: Barry Margolin on
In article <ca54i7-907.ln1(a)gate.cowlark.com>,
David Given <dg(a)cowlark.com> wrote:

> On 27/07/10 09:06, Ersek, Laszlo wrote:
> [...]
> > http://www.opengroup.org/onlinepubs/9699919799/functions/setreuid.html
> > http://www.opengroup.org/onlinepubs/9699919799/functions/setuid.html
> >
> > Their rationales might prove relevant to you.
>
> Thanks, but I'd already seen those; as the rationales basically boil
> down to 'it's more complicated than it appears', I'd very much rather not
> try to second-guess the documentation. This code is security-related,
> after all, and has to be right.
>
> I'd have thought that this was a common enough task that there'd be
> examples online available on how to do it right, but I haven't found
> much yet, and those that I have found don't appear to be correct (they
> don't set the groups list, for example); hence the reason I'm asking
> here. Can anyone point me at a known correct example of how to do this?

BIND has an option to drop root permissions, so maybe take a look at
that section of its source code.

--
Barry Margolin, barmar(a)alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
From: Richard Kettlewell on
David Given <dg(a)cowlark.com> writes:

> I'm trying to make a daemon drop root permissions after initialisation.
> This turns out to be more complicated than I thought, particularly when
> it comes to uids vs euids vs reguids etc and I'm finding it rather
> difficult to find any decent online references.
>
> Can anyone point me at a known best practice for how to do this correctly?
>
> My requirements are: I do my initialisation as root. After
> initialisation, I wish to change to be running under a known uid and
> gid. I don't need to change back again later. I do need to initialise
> the group list.
>
> I'd assume naively that it was just a matter of calling initgroups(),
> set[e]gid() and set[e]uid() in that order, but it seems there's more to
> it than that...

My code does initgroups/setgid/setuid, but then checks it got it right,
first by examining the results of get(e)[ug]id and then by attempting to
setuid and seteuid back to 0 and verifying that they fail.

--
http://www.greenend.org.uk/rjk/
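The sequence Richard describes, written out as an added C example (not code posted by anyone in this thread): initgroups/setgid/setuid in that order, then a check of the resulting real and effective ids, then an attempt to setuid and seteuid back to 0 that must fail. The account name "nobody" in main() is a placeholder assumption for the daemon's unprivileged user.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* for initgroups() in <grp.h> on glibc */
#endif
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* 1 if real and effective uid/gid all equal the targets, else 0. */
int ids_match(uid_t want_uid, gid_t want_gid)
{
    return getuid() == want_uid && geteuid() == want_uid &&
           getgid() == want_gid && getegid() == want_gid;
}
/* 1 if both attempts to become root again fail (as they must once
   privileges are really gone), 0 if either of them succeeds. */
int cannot_regain_root(void)
{
    int r1 = setuid(0);
    int r2 = seteuid(0);
    return r1 == -1 && r2 == -1;
}

/* Drop from root to uid/gid for account 'name'. Order matters: the
   supplementary group list and the gid can only be set while still
   root, so setuid() goes last. Returns 0 on success, -1 on failure. */
int drop_privileges(const char *name, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) { errno = EINVAL; return -1; }
    if (initgroups(name, gid) == -1) return -1;
    if (setgid(gid) == -1) return -1;
    if (setuid(uid) == -1) return -1;
    /* Do not trust the calls: verify the ids and that root is gone. */
    if (!ids_match(uid, gid) || !cannot_regain_root()) {
        errno = EPERM;
        return -1;
    }
    return 0;
}
int main(void)
{
    /* Run as root; "nobody" is a placeholder for the daemon's account. */
    struct passwd *pw = getpwnam("nobody");
    if (pw == NULL || drop_privileges("nobody", pw->pw_uid, pw->pw_gid) == -1)
        { perror("drop_privileges"); return 1; }
    printf("running as uid=%ld gid=%ld\n", (long)getuid(), (long)getgid());
    return 0;
}
```

The initgroups() call fails with EPERM if the process is not root, so the drop itself can only be exercised when started as root; the two check functions work for any user.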