How to run program as another user - and permanently dropping current user privileges?

Kenneth Burgener kenneth at mail1.ttak.org
Fri Feb 23 19:26:21 MST 2007


I have two (/etc/init.d/) startup scripts, one calls another script and
one calls a program.  I would like to have this other script and
program run as another user than root.  Most programs, from what I can
tell, do this using the SETUID() C programming call which appears to be
fairly secure:

    SETUID(2) - setuid() sets the effective user ID of the current
    process.  The setuid() function checks the effective user ID of the
    caller and if it is the superuser, all process related user IDs are
    set to uid.  *After this has occurred, it is impossible for the program
    to regain root privileges.*

I assume this means that if someone tried to hack the program by
smashing the stack or some other method, they would be unable to exit
back to root user.  I would like this other script and program to behave
in a similar fashion, but SETUID() is not available as a script call,
and I am unable to modify the program to add a SETUID() call.  How can I
do this?

The closest command I have found would be running something like "su
<user> -c <command>" which runs the command as the specified user, but
when the command exits, I am still user root.  I fear that it could be
hacked and taken advantage of.

Is this the correct way to do this?

Thanks,
Kenneth
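
One way to get the setuid(2) behaviour asked about above for a program that cannot be modified, shown as an added example that is not part of the original post: a small C wrapper, started as root from the init script, that drops to the target user and then execs the program. The wrapper name `runas` and the helper `drop_to` are hypothetical names chosen for this sketch.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes setgroups() on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently switch this process to uid/gid.
 * Returns 0 on success, -1 if a step fails or root is still reachable. */
int drop_to(uid_t uid, gid_t gid)
{
    /* Order matters: supplementary groups, then gid, then uid. Once the
     * uid is dropped the process may no longer change its groups. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the result instead of trusting the return codes alone. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* The property quoted from setuid(2): root must be unreachable now. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

/* Usage (hypothetical wrapper): runas <user> <program> [args...] */
int main(int argc, char **argv)
{
    if (argc < 3) {
        fprintf(stderr, "usage: %s user program [args...]\n", argv[0]);
        return 2;
    }
    struct passwd *pw = getpwnam(argv[1]);
    if (pw == NULL) {
        fprintf(stderr, "unknown user: %s\n", argv[1]);
        return 1;
    }
    if (drop_to(pw->pw_uid, pw->pw_gid) != 0) {
        fprintf(stderr, "could not drop privileges to %s\n", argv[1]);
        return 1;
    }
    /* exec replaces this process, so no root copy of the wrapper remains. */
    execvp(argv[2], &argv[2]);
    perror("execvp");
    return 127;
}
```

The executed program inherits real, effective and saved IDs that are all set to the target user, so it starts in the same state as a daemon that called setuid() itself.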
