On 2/20/20 4:57 PM, Lennart Sorensen via talk wrote:
> On Thu, Feb 20, 2020 at 04:11:47PM -0500, Chris Tyler via talk wrote:
>> Stewart, I'm having trouble understanding the author's reply to the SGID
>> suggestion. What I was proposing was to set things up with a command like
>> this (executed just once):
>>
>> BINARY=/path/to/binary ; sudo chown root:disk "$BINARY" ; sudo chmod 02711 "$BINARY"
>>
>> ...Which would mean that the user would have their effective group ID
>> changed to 'disk' only while the binary was running. This means that,
>> during program execution, it would have the same level of access as if
>> the user belonged to the 'disk' group; however, this would drop back to
>> their previous group membership when the binary exited. As a bonus, you
>> don't have to change the system group memberships. (The program in question
>> should, of course, guard against writing to the wrong device while it's
>> running, and prevent shell-outs).
>
> It also means any user running the program has that access, not just
> users in group disk. That may be considered better or worse.
>
> I suppose the program could check that the user belongs to some other
> group meant for this program, but then it gets even more complicated.

Why not open as a normal user and then exec or switch into another user
as need be? The real question is how much access does the program require
to the disk? Depending on that, it's pretty easy to figure out whether
SGID setting, exec and switch users or run with sudo is the best option.

Nick