Re: how to identify the superuser in C
On Thu, Dec 12, 2002 at 08:38:27AM +0900, Oohara Yuuma wrote:
> On Wed, 11 Dec 2002 14:13:15 -0500,
> Matt Zimmerman <mdz@debian.org> wrote:
> > On Wed, Dec 11, 2002 at 11:07:11AM +0900, Oohara Yuuma wrote:
> > > The problem is that there is fakeroot. getuid() == 0 or
> > > geteuid() == 0 is not enough. PAM is an overkill.
> > > I think seteuid(0) == 0 is the best approach.
> > fakeroot (or any other dynamic linker tricks) will not work on set[ug]id
> > programs. libc can be trusted here.
> Is this Linux specific? (There can be a Hurd port in the sarge release).
Any system which would allow system calls to be spoofed in privileged
programs this way would have a gaping security hole. Your program would be
the least of its worries.
--
- mdz
Reply to: