* ktb <xyf@nixnotes.org> [20030318 12:05 PST]: > 1) How can you tell if a program is actually running as a non-privileged > user? Look at the output from 'ps uax' > For example proftpd is configured to run as "User nobody" and "Group > nogroup" but when I do a "lsof|grep proftpd" "root" is listed as the > user. > > proftpd 5884 root 0u IPv4 20170 TCP *:ftp (LISTEN) > > 2) If I create an in house damon and have it owned by user "nobody" but > start it from a shell as root which user actually owns this process? root. Generally, file ownership does not translate directly into process ownership. Consider /bin/ls, owned by root:root. Clearly, when you run it as a non-root user, it runs as a non-root user, not as root. Then there are set-uid (and set-gid) executables. When a set-uid binary is executed, it runs as the user that owns the executable file. For example, /bin/su. No matter who starts it, /bin/su runs with full root privilege, which is how it allows users to switch to other users. So a home-made executable can always be run as a particular user by way of the setuid bit (but make sure you know what you're doing, and watch your +x permissions if you choose that method). Alternatively, it can be run by su'ing to the desired user before executing it. Many daemons are started as root and make a call to setuid(3) to change their user id after some initial setup tasks which require root. For example, an ftp daemon may require root in order to listen on a privileged port, and then use setuid to drop root privileges and continue running as "daemon", "nobody", "ftp", etc. good times, Vineet -- http://www.doorstop.net/ -- Microsoft has argued that open source is bad for business, but you have to ask, "Whose business? Theirs, or yours?" --Tim O'Reilly
Attachment:
signature.asc
Description: Digital signature