I see such logic in many open source projects:
if (geteuid() == 0) {               /* only an effective uid of 0 has anything to drop */
    if (setgid(ccf->group) == -1) {
        ...
    if (initgroups(ccf->username, ccf->group) == -1) {
I have 2 questions on this: What is initgroups() for? IMO, to change gid and uid, setuid() and setgid() will be enough.

Most of the time, system daemons are spawned by init scripts and therefore run as root. Calling setuid() and setgid() allows them to drop their superuser privileges and impersonate another user on the system (generally far less powerful than root). That way, bugs and security holes become less lethal to the system.
Concerning the second part of your question, initgroups() is called to reinitialize the group access list and add ccf->group to the list of groups that ccf->username belongs to. That's probably done because calling setgid() is not sufficient for the access rights associated with the new group to be propagated to the process.
Generally, you need administrative permission to listen on ports 1023 and below. (There are other reasons to start as administrator, but that's the big one.) But here's the thing: You can start as administrator, bind the socket, then drop down to be a user.
Now, why would you want to be a user? Well, if you run with the smallest amount of permissions possible, and your program is compromised, then the damage will be contained.
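Putting both answers together, here is an added example (not the code of the question's project or of either answer): a Linux/glibc routine that binds a privileged port while still root, then drops to an unprivileged account in the order setgid(), initgroups(), setuid() and checks that root cannot be regained. The account name "nobody", port 80 and the function names are assumptions.

```c
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <grp.h>
#include <netinet/in.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Confirm the drop happened: every id matches the target and root cannot be
 * regained (setuid(0) must fail once the saved set-user-id is gone too). */
int verify_dropped(uid_t uid, gid_t gid)
{
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    if (setuid(0) != -1) return -1;                    /* still root: drop failed */
    return 0;
}

/* Drop from root to the account `name`. Order matters: setgid() and
 * initgroups() need root, so they go first; setuid() goes last because after
 * it the process can no longer change its groups. 0 on success, -1 + errno. */
int drop_privileges(const char *name)
{
    struct passwd *pw;
    if (geteuid() != 0) { errno = EPERM; return -1; }   /* nothing to drop */
    if ((pw = getpwnam(name)) == NULL) { errno = ENOENT; return -1; }
    if (pw->pw_uid == 0) { errno = EINVAL; return -1; } /* refuse to "drop" to root */
    if (setgid(pw->pw_gid) == -1) return -1;            /* primary group */
    if (initgroups(name, pw->pw_gid) == -1) return -1;  /* replace root's supplementary groups */
    if (setuid(pw->pw_uid) == -1) return -1;            /* as root: sets real, effective, saved uid */
    return verify_dropped(pw->pw_uid, pw->pw_gid);
}

/* Bind the privileged port while still root, then drop; the socket stays bound. */
int main(void)
{
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(80),
                              .sin_addr.s_addr = htonl(INADDR_ANY) };
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd == -1 || bind(fd, (struct sockaddr *)&sa, sizeof sa) == -1) {
        perror("bind"); return 1;
    }
    if (drop_privileges("nobody") == -1) {              /* assumption: "nobody" exists */
        perror("drop_privileges"); return 1;
    }
    /* from here on, listen()/accept() run as "nobody" */
    return 0;
}
```

Run it as root to see the drop succeed; started as an ordinary user it refuses with EPERM because there is nothing to drop.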