On Thu, Jan 11, 2001 at 10:02:49AM -0800, kmself@ix.netcom.com wrote: > > man su? Not sure, but that's where I'd look. Possibly also a suid > executable, where UID != root. suid bits can only be used to elevate privileges, not reduce them. when you run a suid binary only the euid is changed, not the real uid, so what you would end up with is a process running with uid=0 euid=1000 or whatever. in short it still runs as root. try this, su to root, copy /usr/bin/id to /root, make it setuid nobody, then run it (as root), see what you get. > I think you're better off with the /etc/init.d approach, myself. i tend to agree. though you don't get respawn with that approach. also start-stop-daemon has --chuid which is nice for running things as non-root without littering the logs with bogus su ?? root-somebody. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpQIE86Wd0F5.pgp
Description: PGP signature