For Programmers: Free Programming Magazines  


Home > Archive > Unix Programming > December 2004 > Switching Security Contexts









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Switching Security Contexts
Michael B Allen

2004-12-13, 3:57 am

I would like to impersonate a user. For example if I want to being
"nobody" I was thinking I could use getpwnam(3) to retrieve the
associated uid and gid with which I would call setuid and setgid
respectively. Is this a secure procedure? What other state in a process
is user specific? Locales?

Thanks,
Mike
Andrey Simonenko

2004-12-15, 3:58 pm

Michael B Allen <mba2000@ioplex.com> wrote:
> I would like to impersonate a user. For example if I want to being
> "nobody" I was thinking I could use getpwnam(3) to retrieve the
> associated uid and gid with which I would call setuid and setgid
> respectively. Is this a secure procedure? What other state in a process
> is user specific?

Use following steps: getpwnam -> setgid -> setgroups -> setuid.

In setgroups() set zero item to GID of the user.
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com