[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4702465C.7030207@rtr.ca>
Date: Tue, 02 Oct 2007 09:23:40 -0400
From: Mark Lord <lkml@....ca>
To: gogi-k@...i.tv
Cc: linux-kernel@...r.kernel.org
Subject: Re: One process with multiple user ids.
Giuliano Gagliardi wrote:
> On Tuesday 02 October 2007, Jan Engelhardt wrote:
>> On Oct 2 2007 12:56, Giuliano Gagliardi wrote:
>>> I have a server that has to switch to different user ids, but because it
>>> does other complex things, I would rather not have it run as root. I only
>>> need the server to be able to switch to certain pre-defined user ids.
>> All you need is CAP_SETUID. Also see man setresuid,
>> where you could, I think, use saved_uid=0 if you do not
>> like to use real_uid=0 effective_uid=non-0.
>
> But CAP_SETUID would let me change to any uid, would it not? I would like my
> process to have no possibility to change to any uid, except some predefined
> set, so that in case of a security hole only those uids could be compromised.
It really sounds like the app should be restructured.
If security is that important to it, then it shouldn't
be changing uids back and forth on the fly (too risky).
There's probably a nice redesign possible where it just
forks off 3 sub-processes, one for each UID,
and then farms out the work to each as required.
Cheers
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists