Question!!

mackay at kodak.com mackay at kodak.com
Wed Jan 9 11:40:44 EST 2002 

From: Scott D. MacKay

Sorry, as someone stated (I hate Lotus Notes includes :), SUDO is not made
for that.

If an application starts out as being a non-root process, it cannot really
become a root process or use native system calls in a root mode.  The only
thing you could do is to spawn a process which uses a SETUID application,
such as SUDO.

The best thing I could suggest is this:
1) Start the process as root, become a normal user for the bits which are
not root privileged (you could always use SUDO to allow a regular user to
start the process as root)
2) Make a second program which has functions that can support the system
I/O you need to do as root.
Have your main program call it via 'system' or 'popen'.  If it is SetUID
(you can always use group perms to keep just anyone from running it) or you
invoke it thru SUDO (obv, you will need to disable passwords for the app in
SUDO), it can run the commands as root, isolated from your app.  Wrapper
the calls for your users so the wrapper does all the system/popen stuff.

Couple thoughts with 'security in mind' for (2)
1) Use popen and pass the commands via stdin.  Don't supply as arguments to
the called app
2) validate, validate, validate data :)

For either, the wrapper can be just like the normal call, such as this very
poor security sample:

/* Note this example is VERY BAD.  No data validation, etc, all strings
should be size checked, sysbuf validated against overflow, strings should
be cleaned of all potential danger characters, etc */
priv_cp(char *source, char *dest)
{
char sysbuf[1024];
sprintf(sysbuf,"/bin/sudo /bin/cp %s %s",source,dest);
system(sysbuf);
}

-Scott







"Hansoo Shon" <heyhans at rutilustech.com>@sudo.ws on 01/08/2002 07:11:49 PM

Sent by:  sudo-users-admin at sudo.ws


To:   <sudo-users at sudo.ws>
cc:
Subject:  Question!!


Hello All.

i am a system engineer at a small venture company in Seoul Korea.  We are
making back-up solution under windows, unix, and as well as linux operating
systems.  Our solution under unix and linux operating system faced security
issues since our process runs with "root" privilege within a certain port.
So, I
thought that I could use "sudo" to use only needed commands can be run by
a certain user.  However, our programmers are developing our solution in
C++
and I have no clue how to apply "sudo" to our solution.  For example, in
the
program, it does not use 'system("sudo cp /etc/* ./")' instead the program
calls
for 'cp(), utime(), chmod(), and other FUNCTIONs. Is there any other way to
use sudo???
I hope that you could give me little hint. ^^;

Sincerely,

Hans
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users

More information about the sudo-users mailing list