I need to manage Linux user accounts from within my program, so I actually need some kind of root access, but giving root to that program couldn’t be the best solution.
How can I manage that in a safe way? At least I am not aware of a multi-process architecture.
For the whole “generic stuff” I use Qt. Only the OS-specific things are on my own.
The “classic” solution to implement privilege separation works like this:
The result will be that your main process has no special privileges, but you have a root-privileged child process that is connected to your main process via those sockets. These sockets are “unnamed”, meaning no other program can access them.
You are still somewhat vulnerable to attacks, of course. Even if your code is “safe” until you get to the fork(), an attacker could still be able to get into your main program later on, and send commands to the privileged process. Even if the child process is good at validating its input and can’t be compromised, valid commands can still cause problems when issued by an attacker — like in your case, an attacker could probably create new accounts, possibly even one that has uid 0.
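A sketch of the arrangement this answer describes, added here as an example and not code from the original post: a helper forked across an unnamed socketpair that applies a policy check, so that even well-formed requests cannot reach system UIDs such as 0. The `ADDUSER <name> <uid>` line protocol, the UID bounds and the function names are assumptions made for illustration, and the helper only answers OK or DENIED without touching any account.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

#define MIN_UID 1000L   /* assumed policy: never touch system UIDs, so uid 0 is refused */
#define MAX_UID 59999L  /* assumed upper bound for regular accounts */

/* Helper-side policy (hypothetical protocol): only "ADDUSER <name> <uid>" passes. */
int request_allowed(const char *line)
{
    char name[33], extra;
    long uid;
    if (strncmp(line, "ADDUSER ", 8) != 0 ||
        sscanf(line + 8, "%32s %9ld %c", name, &uid, &extra) != 2)
        return 0;                   /* wrong verb, missing or trailing fields */
    /* name: lowercase first character, then lowercase, digits or '_' only */
    for (const char *p = name; *p; p++)
        if (!islower((unsigned char)*p) &&
            (p == name || (!isdigit((unsigned char)*p) && *p != '_')))
            return 0;
    return uid >= MIN_UID && uid <= MAX_UID;
}

/* Fork a helper joined to the caller by an unnamed socketpair, send one
 * request from the unprivileged side, and return 1 if the helper said "OK". */
int roundtrip(const char *request)
{
    int sv[2];
    char buf[128] = {0};
    if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) {                 /* helper: the side that would keep root */
        close(sv[0]);
        ssize_t n = recv(sv[1], buf, sizeof buf - 1, 0);
        const char *reply = (n > 0 && request_allowed(buf)) ? "OK" : "DENIED";
        send(sv[1], reply, strlen(reply), 0);  /* real account change would go here */
        _exit(0);
    }
    close(sv[1]);                   /* main process: would drop privileges here */
    send(sv[0], request, strlen(request), 0);
    ssize_t n = recv(sv[0], buf, sizeof buf - 1, 0);
    close(sv[0]);
    waitpid(pid, NULL, 0);
    return n > 0 && strcmp(buf, "OK") == 0;
}
```

The narrower the set of requests the helper accepts, the less a compromised main process can do with the channel; the check does not remove that risk, it bounds it.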