| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 02 Oct 2007 09:23:40 -0400 From: Mark Lord <lkml@....ca> To: gogi-k@...i.tv Cc: linux-kernel@...r.kernel.org Subject: Re: One process with multiple user ids. Giuliano Gagliardi wrote: > On Tuesday 02 October 2007, Jan Engelhardt wrote: >> On Oct 2 2007 12:56, Giuliano Gagliardi wrote: >>> I have a server that has to switch to different user ids, but because it >>> does other complex things, I would rather not have it run as root. I only >>> need the server to be able to switch to certain pre-defined user ids. >> All you need is CAP_SETUID. Also see man setresuid, >> where you could, I think, use saved_uid=0 if you do not >> like to use real_uid=0 effective_uid=non-0. > > But CAP_SETUID would let me change to any uid, would it not? I would like my > process to have no possibility to change to any uid, except some predefined > set, so that in case of a security hole only those uids could be compromised. It really sounds like the app should be restructured. If security is that important to it, then it shouldn't be changing uids back and forth on the fly (too risky). There's probably a nice redesign possible where it just forks off 3 sub-processes, one for each UID, and then farms out the work to each as required. Cheers - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists