how to identify the superuser in C

To: debian-security@lists.debian.org
Cc: oohara@libra.interq.or.jp
Subject: how to identify the superuser in C
From: Oohara Yuuma <oohara@libra.interq.or.jp>
Date: Wed, 11 Dec 2002 11:07:11 +0900 (JST)
Message-id: <20021211.110711.74739803.oohara@grain>

I am working on adding a high score list to a game written in C.
(It's already packaged.)  The high score list will be 664 root:games
and the game binary will be sgid games --- nothing special here.
I want to dump and undump the list.  Allowing everyone to undump
the list will lead to cheating or even security problems, so I want to
make sure that only the superuser may undump.  Since the binary is
sgid, some check is necessary before trying to write the list.

The problem is that there is fakeroot. getuid() == 0 or
geteuid() == 0 is not enough.  PAM is an overkill.
I think seteuid(0) == 0 is the best approach.
Any opinion?

-- 
Oohara Yuuma <oohara@libra.interq.or.jp>
Debian developer
PGP key (key ID F464A695) http://www.interq.or.jp/libra/oohara/pub-key.txt
Key fingerprint = 6142 8D07 9C5B 159B C170  1F4A 40D6 F42E F464 A695

smile to answer
--- Treasure, "Radiant Silvergun", attitude #3 for SBS-130

Reply to:

Follow-Ups:
- Re: how to identify the superuser in C
  - From: Chris Shafer <wcshafer@cablespeed.com>
- Re: how to identify the superuser in C
  - From: sean finney <seanius@seanius.net>
- Re: how to identify the superuser in C
  - From: Will Aoki <waoki@umnh.utah.edu>
- Re: how to identify the superuser in C
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Updating Snort Signatures In Stable ?
Next by Date: unsubscribe
Previous by thread: Re: init.d startup sequence for shorewall
Next by thread: Re: how to identify the superuser in C
Index(es):
- Date
- Thread