At Sat, 27 Jan 2024 20:00:24 +0100, tlaronde%kergis.com@localhost wrote:
Subject: Reverse of promoting to root: downgrade root to unprivileged
>
> Starting some operation as common user (for example compiling/building)
> before promoting to privileged (generally root) by su'ing or sudo'ing
> (for example to install) is common.
>
> But does somebody know of an established program or library that allows
> to start a process as root and to automatically downgrade rights for
> tasks (I mean identified chunks of whatever code) that do not require
> privileges?

Lots of programs that are run as root do this by design, e.g. login(1)
as well as daemons like cron(8), sshd(8), etc.

There are also other system programs that start as setuid-root (or some
other special-purpose user) in order to do some privileged operation,
such as opening a protected socket or file, and then return to running
as the invoking user or some other (possibly less privileged) UID.

This is exactly what su(1) does in fact.

(There are also a number of programs following a largely mistaken and
dangerous idea that they should swap back and forth between running in
privileged mode and running as the user, some to an absurd extreme, like
lpr(1).  This is obviously not safe and is a pure idiotic fallacy.  The
kernel _should_ force processes that drop privileges to permanently do
so and to never try to regain them except through execve(2), as indeed
earlier real Unix(TM) kernels always did, as does my NetBSD variant.)

--
Greg A. Woods <gwoods%acm.org@localhost>

Kelowna, BC     +1 250 762-7675
RoboHack <woods%robohack.ca@localhost>
Planix, Inc. <woods%planix.com@localhost>
Avoncote Farms <woods%avoncote.ca@localhost>
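The permanent drop discussed in the reply above, as an added C example that is not part of the original message and not taken from any of the programs it names. The function name `drop_privileges_permanently` is hypothetical, and the target IDs are assumed to be those of the invoking user.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* exposes setgroups(2) on glibc */
#endif
#include <sys/types.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Permanently become uid/gid.  Returns 0 only when the drop was verified;
 * on -1 the caller should exit rather than carry on with stale privileges. */
int drop_privileges_permanently(uid_t uid, gid_t gid)
{
    /* Only the superuser may change the supplementary group list, so
     * replace root's groups first, while we still have that right. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    /* Group before user: once the UID is gone, setgid() would fail. */
    if (setgid(gid) != 0)
        return -1;
    /* Called with effective UID 0, setuid() sets the real, effective and
     * saved UIDs together, leaving no saved UID to switch back to. */
    if (setuid(uid) != 0)
        return -1;
    /* Verify the result instead of trusting the return values alone. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* A non-root target must no longer be able to regain root. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    /* Assumption: the privileged work (binding a low port, opening a
     * protected file) is finished before this point. */
    if (drop_privileges_permanently(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return 1;
    }
    printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```

The use of `seteuid()` for temporary switching, the pattern the reply objects to, is deliberately absent: it only changes the effective UID and leaves the saved UID available for switching back.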