| Author |
Message |
Ertugrul Soeylemez
*nix forums Guru Wannabe
Joined: 28 Oct 2005
Posts: 126
|
 Posted: Mon Jul 17, 2006 3:43 am Post subject:
Re: access root privileges through C program
|
|
|
Unruh <unruh-spam@physics.ubc.ca> (06-07-16 22:30:26):
| Quote: | However, you can write a program with special permissions ( which only
root can give it called suid) which can have root privs when it starts
up. If you ever give them up in that program you cannot get them back.
|
Actually it can. The program can somehow reclaim root privileges, if it
had them before, but I don't know how exactly. I think, it had to do
with Linux caps.
Regards,
E.S. |
|
| Back to top |
|
 |
Unruh
*nix forums Guru
Joined: 22 Mar 2005
Posts: 1166
|
| Posted: Sun Jul 16, 2006 10:30 pm Post subject:
Re: access root privileges through C program
|
|
|
Colin McKinnon <colin.thisisnotmysurname@ntlworld.deletemeunlessURaBot.com> writes:
| Quote: | motet520 wrote:
i know with privileges rise from linux tool with uselib24.c and,
hatrorihan20.c(this case is not accuratery) etc. It cannot do well
English it will be ruined long.
|
I agree that the English is rather confusing.
You CANNOT use a C program to switch to root privs. If y ou could the root
privs would be totally useless. Anyone could write a program to give
themselves root.
However, you can write a program with special permissions ( which only root
can give it called suid) which can have root privs
when it starts up. If you ever give them up in that program you cannot get
them back.
|
|
| Back to top |
|
|
Colin McKinnon
*nix forums Guru
Joined: 19 Feb 2005
Posts: 410
|
| Posted: Sun Jul 16, 2006 9:59 pm Post subject:
Re: access root privileges through C program
|
|
|
motet520 wrote:
| Quote: | i know with privileges rise from linux tool with uselib24.c and,
hatrorihan20.c(this case is not accuratery) etc. It cannot do well
English it will be ruined long.
|
Yoda, be not swayed by the dark side - use the force you must. motet520
seeks to tempt you with exploits. Read
http://www.unixpapa.com/incnote/setuid.html and acheive enlightnment.
C. |
|
| Back to top |
|
|
Ertugrul Soeylemez
*nix forums Guru Wannabe
Joined: 28 Oct 2005
Posts: 126
|
| Posted: Sat Jul 15, 2006 9:09 am Post subject:
Re: access root privileges through C program
|
|
|
Unruh <unruh-spam@physics.ubc.ca> (06-07-15 06:12:32):
| Quote: | You should make the program owned by root and have the setuid bit
on. The code is then able to change its effective UID between the
user and root with the seteuid() system call.
No you shouldn't, because programs SUID to root could possibly harm
system security. If you're good at writing perfectly secure code,
then that's not much of a problem, but otherwise I'd suggest using
'sudo' from your program instead. Don't use the SUID bit, where not
necessary.
In fact that can be much less secure. With suid the program can give up
root priv when no longer needed. Once it has given up root, you cannot get
it back however.
Under sudo, the program always runs as root, meaning any bugs are running
as root.
Ie, suid root is more secure than sudo on that same program.
|
Sure, but as long as you call those programs with a fixed command line,
nothing can happen. Otherweise being logged in as root somewhere would
be a security hazard.
And the code, which is run (like lsmod, ls, cat, ...) is well known and
tested. New code is always potentially buggy. You have to parse
command line options and open files before giving up root privileges.
There is enough room for a security risk.
Regards,
E.S. |
|
| Back to top |
|
|
Unruh
*nix forums Guru
Joined: 22 Mar 2005
Posts: 1166
|
| Posted: Sat Jul 15, 2006 6:12 am Post subject:
Re: access root privileges through C program
|
|
|
Ertugrul Soeylemez <never@drwxr-xr-x.org> writes:
| Quote: | Tauno Voipio <tauno.voipio@iki.fi.NOSPAM.invalid> (06-07-14 20:24:22):
hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i
want to run some commands like lsmod etc. After finishing up the
commands processing like lsmod i want come back to normal privileges
program. I want to restore the user privileges to the program. How
to implement it? please help me. mail me to yoda.techies@gmail.com
You should make the program owned by root and have the setuid bit on.
The code is then able to change its effective UID between the user and
root with the seteuid() system call.
No you shouldn't, because programs SUID to root could possibly harm
system security. If you're good at writing perfectly secure code, then
that's not much of a problem, but otherwise I'd suggest using 'sudo'
from your program instead. Don't use the SUID bit, where not necessary.
|
In fact that can be much less secure. With suid the program can give up
root priv when no longer needed. Once it has given up root, you cannot get
it back however.
Under sudo, the program always runs as root, meaning any bugs are running
as root.
Ie, suid root is more secure than sudo on that same program.
|
|
| Back to top |
|
|
Ertugrul Soeylemez
*nix forums Guru Wannabe
Joined: 28 Oct 2005
Posts: 126
|
| Posted: Sat Jul 15, 2006 5:36 am Post subject:
Re: access root privileges through C program
|
|
|
Tauno Voipio <tauno.voipio@iki.fi.NOSPAM.invalid> (06-07-14 20:24:22):
| Quote: | hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i
want to run some commands like lsmod etc. After finishing up the
commands processing like lsmod i want come back to normal privileges
program. I want to restore the user privileges to the program. How
to implement it? please help me. mail me to yoda.techies@gmail.com
You should make the program owned by root and have the setuid bit on.
The code is then able to change its effective UID between the user and
root with the seteuid() system call.
|
No you shouldn't, because programs SUID to root could possibly harm
system security. If you're good at writing perfectly secure code, then
that's not much of a problem, but otherwise I'd suggest using 'sudo'
from your program instead. Don't use the SUID bit, where not necessary.
Regards,
E.S. |
|
| Back to top |
|
|
Tauno Voipio
*nix forums Guru
Joined: 14 Mar 2005
Posts: 678
|
| Posted: Fri Jul 14, 2006 8:24 pm Post subject:
Re: access root privileges through C program
|
|
|
yoda.techies@gmail.com wrote:
| Quote: | hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i want
to run some commands like lsmod etc. After finishing up the commands
processing like lsmod i want come back to normal privileges program. I
want to restore the user privileges to the program. How to implement
it? please help me.
mail me to yoda.techies@gmail.com
|
You should make the program owned by root and have the setuid bit on.
The code is then able to change its effective UID between the user
and root with the seteuid() system call.
For module listing, you do not need root privileges, it suffices to open
and read the file /proc/modules. For testing, just do
cat /proc/modules
--
Tauno Voipio
tauno voipio (at) iki fi |
|
| Back to top |
|
|
motet520
*nix forums beginner
Joined: 14 Jul 2006
Posts: 2
|
| Posted: Fri Jul 14, 2006 3:30 pm Post subject:
Re: access root privileges through C program
|
|
|
i am sorry . hatrorihan20.c no --> hatorihazo.c right ^____^
motet520 작성:
| Quote: | i know with privileges rise from linux tool with uselib24.c and,
hatrorihan20.c(this case is not accuratery) etc. It cannot do well
English it will be ruined long.
thank you.
yoda.techies@gmail.com 작성:
hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i want
to run some commands like lsmod etc. After finishing up the commands
processing like lsmod i want come back to normal privileges program. I
want to restore the user privileges to the program. How to implement
it? please help me.
mail me to yoda.techies@gmail.com
thanks in advance |
|
|
| Back to top |
|
|
motet520
*nix forums beginner
Joined: 14 Jul 2006
Posts: 2
|
| Posted: Fri Jul 14, 2006 3:28 pm Post subject:
Re: access root privileges through C program
|
|
|
i know with privileges rise from linux tool with uselib24.c and,
hatrorihan20.c(this case is not accuratery) etc. It cannot do well
English it will be ruined long.
thank you.
yoda.techies@gmail.com 작성:
| Quote: | hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i want
to run some commands like lsmod etc. After finishing up the commands
processing like lsmod i want come back to normal privileges program. I
want to restore the user privileges to the program. How to implement
it? please help me.
mail me to yoda.techies@gmail.com
thanks in advance |
|
|
| Back to top |
|
|
yoda.techies@gmail.com
*nix forums beginner
Joined: 14 Jul 2006
Posts: 2
|
| Posted: Fri Jul 14, 2006 12:12 pm Post subject:
access root privileges through C program
|
|
|
hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i want
to run some commands like lsmod etc. After finishing up the commands
processing like lsmod i want come back to normal privileges program. I
want to restore the user privileges to the program. How to implement
it? please help me.
mail me to yoda.techies@gmail.com
thanks in advance |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
Linux
»
security
