[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

how to identify the superuser in C

I am working on adding a high score list to a game written in C.
(It's already packaged.)  The high score list will be 664 root:games
and the game binary will be sgid games --- nothing special here.
I want to dump and undump the list.  Allowing everyone to undump
the list will lead to cheating or even security problems, so I want to
make sure that only the superuser may undump.  Since the binary is
sgid, some check is necessary before trying to write the list.

The problem is that there is fakeroot. getuid() == 0 or
geteuid() == 0 is not enough.  PAM is an overkill.
I think seteuid(0) == 0 is the best approach.
Any opinion?

Oohara Yuuma <oohara@libra.interq.or.jp>
Debian developer
PGP key (key ID F464A695) http://www.interq.or.jp/libra/oohara/pub-key.txt
Key fingerprint = 6142 8D07 9C5B 159B C170  1F4A 40D6 F42E F464 A695

smile to answer
--- Treasure, "Radiant Silvergun", attitude #3 for SBS-130

Reply to: