On Mon, Jan 29, 2024 at 12:10:07PM +0000, RVP wrote:
> On Sat, 27 Jan 2024, tlaro...@kergis.com wrote:
>
> > But does somebody know of an established program or library that allows
> > to start a process as root and to automatically downgrade rights for
> > tasks (I mean identified chunks of whatever code) that do not require
> > privileges?
> >
>
> You mean toggling between various EUIDs and the saved-SUID? That's
> pretty standard stuff, but, I don't know if it's been encapsulated
> in any kind of utility.
>

An example would have made my meaning clearer.

The question is not if it is possible to program this---it is, of
course. The question was if there was something established that would
do in some sense the reverse of sudo(1): one starts a utility with
root rights, but the program is "downgraded" to a (defined) lambda user
and when rights are needed or a failure about rights encountered (we
will call it an exception), if the task belongs to a certain list
(defined), the root rights are restored to achieve the task.

The typical example is say, with pkgsrc (or any kind of packages
system). One wants to build unprivileged, but installation may be
privileged. So instead of running as non root and having to enter the
password each time the installation of a dependency requires it, one
starts as root, but the privileged rights are only used when needed.
(I know that one can build in a chroot unprivileged and so. The
curiosity is to know if another way to achieve things has been
attempted.)

Hoping the example clarifies the question (the question being not, of
course not, if it is possible to achieve this with the existing system
calls, but: does someone know if it has been made already somewhere as
a general utility).

All in all this is what the system makes: the utility runs in user
space but hitting an exception, it accesses privileged (kernel)
resources if the user has the rights to do so. The (main) difference
being that a user could have a range of rights, the task being always
attempted with the minimum rights before promoting in the limit of the
maximum user rights. (This can also of course be partially achieved
with groups and sticky rights.)

-- 
Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
http://www.kergis.com/
http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C