Home/ Questions/Q 513025
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T07:22:48+00:00

I have written a cgi-bin application in C that runs in a browser and

  • 0

I have written a cgi-bin application in C that runs in a browser and allows the user to open an interactive shell and view & edit files on a Linux machine. It runs as the standard apache “www-data” user. I just added a login screen to it where the user types in their name and password (in a form) but I cannot authenticate the user using getspnam since this function only works when running as root.

What options do I have to check the login credentials of a user when not running as root?

PS: In my interactive shell I can type “su root” and then type in my password and it does elevate to root fine so it obviously can be done interactively.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    With regard to your PS: Well, when you do a su root you’re switching to the root user. So yes, of course, root can read the shadow file, you all ready said that.

    With regard to your problem: Can’t you have your apache processes temporarily elevate to root (by calling setuid or similar) to perform the authentication?

    Good luck!

    • 0