I have two (/etc/init.d/) startup scripts, one calls another script and
one calls a program. I would like to have this other script and
program run as another user than root. Most programs, from what I can
tell, do this using the SETUID() C programming call which appears to be
fairly secure:

    SETUID(2) - setuid() sets the effective user ID of the current
    process. The setuid() function checks the effective user ID of the
    caller and if it is the superuser, all process related user IDs are
    set to uid. *After this has occurred, it is impossible for the program
    to regain root privileges.*

I assume this means that if someone tried to hack the program by
smashing the stack or some other method, they would be unable to exit
back to root user. I would like this other script and program to behave
in a similar fashion, but SETUID() is not available as a script call,
and I am unable to modify the program to add a SETUID() call. How can I
do this?
The closest command I have found would be running something like "su
<user> -c <command>" which runs the command as the specified user, but
when the command exits, I am still user root. I fear that it could be
hacked and taken advantage of.
Is this the correct way to do this?
Thanks,
Kenneth