[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: dropping setuid/setgid privileges
From: |
Bruno Haible |
Subject: |
Re: dropping setuid/setgid privileges |
Date: |
Thu, 11 Jun 2009 19:49:05 +0200 |
User-agent: |
KMail/1.9.9 |
James, Sergey,
> > So we may also need to do something like this:
> >
> > #if HAVE_SETGROUPS
> > /* Use of setgroups() is restricted to root only. */
> > if (0 =3D=3D geteuid())
> > {
> > /* We're either root or running setuid-root. */
> > gid_t groups[1];
> > groups[0] =3D gid;
> > if (0 !=3D setgroups(1u, groups))
>
> Yes, but on the other hand the caller might need to retain some
> supplementary groups when dropping privileges.
What is the use-case that you are considering? A setuid/setgid executable,
or an executable run by root? And what task does it do, related to the user's
data and devices?
> Perhaps it is worth to provide a mechanism for that too? Something like
>
> idpriv_drop_grp (size_t ngrp, gid_t *groups)
Should that drop the specified supplementary groups (and keep the rest),
or keep the specified supplementary groups?
Bruno
- Re: [PATCH] chroot specify user/group feature, James Youngman, 2009/06/04
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/07
- Re: dropping setuid/setgid privileges, James Youngman, 2009/06/07
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/07
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/08
- Re: dropping setuid/setgid privileges, Sergey Poznyakoff, 2009/06/10
- Re: dropping setuid/setgid privileges,
Bruno Haible <=
- Re: dropping setuid/setgid privileges, Sergey Poznyakoff, 2009/06/11
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/11
- Re: dropping setuid/setgid privileges, James Youngman, 2009/06/11
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/11
- Re: dropping setuid/setgid privileges, James Youngman, 2009/06/12
- Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/12
Re: dropping setuid/setgid privileges, Bruno Haible, 2009/06/08