Hi,
can I somehow change a ruby interpreters uid from 0 to something and
then back again?
I intend to write a little program, wich traverses all users dirs and
’executes’ whatever a user has written in his conf-file but in the
context of the corresponding user.
it’s tricky. you need a setuid binary (cannot be a script). to accomplish
something very similar to this i had created a c program that runs ruby as
another user (backend db updates for web processs). it’s not exactly what
you want since it runs as a specific user, but it’s a very simple (dangerous)
c program which you could modify to accomplish this. keep in mind that, once
you setuid to a non-privledged user you can’t get back! i think you may be
able to get around this by fork/exec’ing somehow - but perhaps not.
the best way might be to crawl the dirs using one script (privledged for read
access) and then launch one as a child process for each user dir…
Date: Fri, 06 Feb 2004 00:30:25 +0100
From: Robert K. anon@nospam.de
Newsgroups: comp.lang.ruby
Subject: impersonating ruby
Hi,
can I somehow change a ruby interpreters uid from 0 to something and
then back again?
I intend to write a little program, wich traverses all users dirs and
‘executes’ whatever a user has written in his conf-file but in the
context of the corresponding user.
What is the ruby mehtod to accomplish that?
Reinvoking my script?
–
ATTN: please update your address books with address below!
The difference between art and science is that science is what we
understand well enough to explain to a computer.
Art is everything else.
– Donald Knuth, “Discover”
/bin/sh -c ‘for l in ruby perl;do $l -e “print "\x3a\x2d\x29\x0a"”;done’
===============================================================================
Hi,
can I somehow change a ruby interpreters uid from 0 to something and
then back again?
I may be wrong, but I think you can’t do this in pure ruby. You’ll need
outside utils of some sort.
I intend to write a little program, wich traverses all users dirs and
‘executes’ whatever a user has written in his conf-file but in the
context of the corresponding user.
What is the ruby mehtod to accomplish that?
Reinvoking my script?
I would do something like this:
if Process.uid == 0
# find each conf file and run this with
# it’s associated filename and username: sudo -u #{username} #{File.expand_path $0} #{filename}
else # it’s not root; the you need to parse the conf file
# get the filename
filename = ARGV.unshift
# process the file…
end
This is, of course, assuming that you are on a *nix based system.
OK, it could have been so easy by just trying it out:
With Process.uid a script can change and read it’s uid as it likes to.
If ruby has uid=0, there are no boreders. The script gets up and down
to 0 again. Else the script is forbidden to change to 0
Robert K. schrieb:
···
Hi,
can I somehow change a ruby interpreters uid from 0 to something and
then back again?
I intend to write a little program, wich traverses all users dirs and
‘executes’ whatever a user has written in his conf-file but in the
context of the corresponding user.