Re: Reverse of promoting to root: downgrade root to unprivileged

To: Alistair Crooks <agc%pkgsrc.org@localhost>
Subject: Re: Reverse of promoting to root: downgrade root to unprivileged
From: tlaronde%kergis.com@localhost
Date: Mon, 29 Jan 2024 15:44:46 +0100

On Mon, Jan 29, 2024 at 06:26:53AM -0800, Alistair Crooks wrote:
> As RVP mentioned, this is a SMOP, but if you're looking for an out of the
> box utility, checkout djb's setuidgid (available in
> pkgsrc/sysutils/daemontools) https://cr.yp.to/daemontools/setuidgid.html

Thanks. I will take a look.

> 
> On Mon, 29 Jan 2024 at 04:10, RVP <rvp%sdf.org@localhost> wrote:
> 
> > On Sat, 27 Jan 2024, tlaronde%kergis.com@localhost wrote:
> >
> > > But does somebody know of an established program or library that allows
> > > to start a process as root and to automatically downgrade rights for
> > > tasks (I mean identified chunks of whatever code) that do not require
> > > privileges?
> > >
> >
> > You mean toggling between various EUIDs and the saved-SUID? That's
> > pretty standard stuff, but, I don't know if it's been encapsulated
> > in any kind of utility.
> >
> > -RVP
> >
> >

-- 
        Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

References:
- Reverse of promoting to root: downgrade root to unprivileged
  - From: tlaronde
- Re: Reverse of promoting to root: downgrade root to unprivileged
  - From: RVP
- Re: Reverse of promoting to root: downgrade root to unprivileged
  - From: Alistair Crooks

Prev by Date: Re: Reverse of promoting to root: downgrade root to unprivileged
Next by Date: Re: Reverse of promoting to root: downgrade root to unprivileged
Previous by Thread: Re: Reverse of promoting to root: downgrade root to unprivileged
Next by Thread: Re: Reverse of promoting to root: downgrade root to unprivileged
Indexes:

Home | Main Index | Thread Index | Old Index