Mailinglist Archive: opensuse (783 mails)

< Previous Next >
Re: [opensuse] Run command as another user
Am 29.09.2017 um 16:56 schrieb Paul Groves:
But in this case I am looking for something like the following:

char username = "bob";
char password = "bobspassword";
system("command", username, password);

If that makes sense? But I do not think system can do such a thing.
Can it?

The Unix guys have been working hard for 40 years to make Unix safe.
You'll have to follow the rules.

The command in question is called "sudo". sudo isn't magic. It's using
an API to switch the current user of a process.

The API call is "setuid" https://en.wikipedia.org/wiki/Setuid

You must be root to call it, otherwise you'll get an error.

"sudo" can call this API because the file /usr/bin/sudo has the "S" bit
set (SUID bit) which means: The system will start it as root even if you
call it. sudo will then read a file (which only root can change) to
check whether you're allowed to run it. If not, it will stop. To set the
S bit of a file, you need to be root.

That's why, no matter how you look at the problem, you need to be root.
The Unix guys had 40 years worth of experience with people trying to
game the system and they plugged every hole.

The only other option is SSH because you can ask bob to install your
public key in his allowed_keys file. When he does that, you can ssh into
his account (ssh bob@localhost) using *your* private SSH password. The
most simple solution to use SSH in a script is to create a new SSH key
pair *without password* (just press return) and give *that* public key
to bob.

Note: If someone steals the private key for this pair, they can access
all of bob's files and run stuff as bob. You're now responsible for your
own safety and the one of bob. Good luck.

Note 2: Unlike the sudo solution, you can run any command as bob. sudo
allows to restrict what you can do. So this is a huge security risk for
bob. I wouldn't allow it.

Note 3: Never use passwords as command line arguments. Anyone on the
same computer can see all command line arguments of all processes. It's
very easy to steal passwords this way.

Regards,

--
Aaron "Optimizer" Digulla a.k.a. Philmann Dark
"It's not the universe that's limited, it's our imagination.
Follow me and I'll show you something beyond the limits."
http://blog.pdark.de/


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups