Reducing Permissions

Is there a way to programmatically reduce permissions that doesn't involve `su -l #{config.name}`? I need the server started as root so that it can do a chroot, but then I don't want it executing as root, but as a special user created for the purpose. Also, I'm hoping that there is something already done that's cross-platform(ish).

Any ideas? Thanks!

Jon

Not really that answer you asked for, but I just use Dir#chroot to isolate a process like that. Hope that helps.

James Edward Gray II

···

On Apr 3, 2005, at 1:06 PM, Jon Raphaelson wrote:

Is there a way to programmatically reduce permissions that doesn't involve `su -l #{config.name}`? I need the server started as root so that it can do a chroot, but then I don't want it executing as root, but as a special user created for the purpose. Also, I'm hoping that there is something already done that's cross-platform(ish).

Any ideas? Thanks!

Is there a way to programmatically reduce permissions that doesn't involve
  `su -l #{config.name}`? I need the server started as root so that it
can do a chroot, but then I don't want it executing as root, but as a
special user created for the purpose. Also, I'm hoping that there is
something already done that's cross-platform(ish).

You probably want a wrapper script to do the chroot (Dir#chroot)
and then su to start the application.

Any ideas? Thanks!

Jon

E

No-one expects the Solaris POSIX implementation!

···

On 3/4/2005, "Jon Raphaelson" <jonraphaelson@gmail.com> wrote:

Jon Raphaelson said:

Is there a way to programmatically reduce permissions

[...]

Any ideas? Thanks!

I use this in one of my projects:

  require 'etc'   # Etc.getpwnam

  def drop_privileges(user='nobody')
    pw = Etc::getpwnam(user)
    begin
      # chroot into the user's home directory, then cd to the new root
      Dir.chdir(pw.dir)
      Dir.chroot(pw.dir)
      Dir.chdir('/')
    rescue => e
      puts "Cannot chroot to #{pw.dir}: #{e}"
      exit
    end

    # Supplementary groups must be set while still root, before the uid changes
    Process::initgroups(user, pw.gid)
    begin
      # Set real, effective and saved ids at once; gid first, uid last
      Process::Sys::setresgid(pw.gid, pw.gid, pw.gid)
      Process::Sys::setresuid(pw.uid, pw.uid, pw.uid)
    rescue NotImplementedError
      # Try something portable... might not be as secure though
      Process::Sys::setegid(pw.gid)
      Process::Sys::setgid(pw.gid)
      Process::Sys::setuid(pw.uid)
    rescue => e
      puts "Cannot drop privileges: #{e}"
      exit
    end
  end

Tested on *BSD and linux. At least NetBSD doesn't implement the
setres* system calls (which aren't defined by POSIX), so I added the
rescue for NotImplementedError.

HTH,
Andre
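As an added example (not from Andre's post or anyone else in this thread), the check I would pair with a routine like the one above: after dropping, confirm that the real and effective ids are the target user's, that no supplementary group is gid 0, and that the process can no longer switch back to uid 0. The last check matters because a drop that only changed the effective uid (and left the saved uid as 0) can be undone with a single setuid(0). The function and user names here are my own; `nobody` is assumed to exist, and `drop_privileges!` only works when started as root, while the report functions run as any user.

```ruby
require 'etc'

# Report on the current credentials versus the expected unprivileged ones.
# Calling Process::Sys.setuid(0) is the probe: if it succeeds, the process
# is root again, which is exactly the failure we want to detect, and the
# caller must abort rather than continue.
def privilege_report(expected_uid, expected_gid)
  can_regain_root =
    begin
      Process::Sys.setuid(0)   # no-op if already root, EPERM if truly dropped
      true
    rescue Errno::EPERM
      false
    end
  {
    uid_ok: Process.uid == expected_uid && Process.euid == expected_uid,
    gid_ok: Process.gid == expected_gid && Process.egid == expected_gid,
    no_root_group: !Process.groups.include?(0),
    can_regain_root: can_regain_root,
  }
end

def privileges_dropped?(expected_uid, expected_gid)
  r = privilege_report(expected_uid, expected_gid)
  r[:uid_ok] && r[:gid_ok] && r[:no_root_group] && !r[:can_regain_root]
end

# Root-only: groups first, then gid, then uid (after setuid the process can
# no longer change its gid), then verify the result before going on.
# Process::Sys.setuid/setgid call setuid(2)/setgid(2), which as root set the
# real, effective and saved ids together on Linux and the BSDs.
def drop_privileges!(user = 'nobody')
  raise 'must start as root to drop privileges' unless Process.euid.zero?
  pw = Etc.getpwnam(user)
  Process.initgroups(user, pw.gid)
  Process::Sys.setgid(pw.gid)
  Process::Sys.setuid(pw.uid)
  unless privileges_dropped?(pw.uid, pw.gid)
    raise "privilege drop to #{user} incomplete: #{privilege_report(pw.uid, pw.gid)}"
  end
  pw
end

if __FILE__ == $PROGRAM_NAME
  if Process.euid.zero?
    pw = drop_privileges!('nobody')
    puts "now running as #{pw.name} (uid #{Process.uid}, gid #{Process.gid})"
  else
    puts privilege_report(Process.uid, Process.gid).inspect
  end
end
```

Run the script as an ordinary user and `can_regain_root` comes back false; run it as root and the drop to `nobody` is performed and verified, with the process aborting if any check fails. A chroot, as in Andre's routine, should happen before the drop, since chroot(2) itself needs root.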