Run c++ executable as l inux system user?

freakin'me · 10-08-2005, 02:29 PM

Hi,

I want/need to run one of the programs I made using c++ as a system linux user. I still got the source, so recompiling won't be a problem.

anybody who knows how I should do this?

Regards,

Freakin'me

btmiller · 10-08-2005, 02:39 PM

Just start the executable as the user you want to run it as; no recompile necessary. Unless the setuid bit is set this will work. You can force an executable to run as a particular user with the setuis bit (chmod u+s /path/to/exe) but you really shouldn't unless you know what you're doing, because it can be a security risk with a poorly written program.

freakin'me · 10-08-2005, 02:55 PM

The program I'm talking about is used to add linux users (remove and change them as well) restarting apache, and view detailed information about ram use and stuff. For this reason it seems to me that this program should be run with an account that has root privileges (correct me if I'm wong plz). Could you go a little deeper into that chmod? I dont really get it.

By the way, I'll make sure it isn't poorly written, so that won't be a problem.

Regards,

Freakin'me

btmiller · 10-08-2005, 03:32 PM

The chmod u+s <executable> command sets the setuid bit on the binary. This means that the program will be run with the privileges of the owner of the file, not the person who executed the command. For example, normal users aren't permitted to edit /etc/passwd or /etc/shadow, but must be able to change their passwords. So the passwd program is owned by root and has the setuid bit turned on so it runs as root regardless of who invokes it. You'll want to do something similar to your program, I imagine.

Be *very* careful to validate user input and don't leave your code susceptable to buffer overflows. There are numerous ways to subvert setuid programs so you really have to be careful.

freakin'me · 10-08-2005, 03:43 PM

Quote:

Originally posted by btmiller Be *very* careful to validate user input and don't leave your code susceptable to buffer overflows. There are numerous ways to subvert setuid programs so you really have to be careful. [/B]

Maybe this isn't the right spot to ask, however, how can I prevent buffer overflows, and how can I prevent this subverting?

btmiller · 10-08-2005, 05:55 PM

Secure programming is a large topic. In terms of buffer overflows, simply don't stuff more data into a memory area than you've designed it to hold. This can be tough because many of the default C string handling functions don't do bounds checking. I really don't know that much about C++, but if you stick with the String data type you should be mostly OK, I think (someone correct me if I'm wrong on here).

Otherwise, validate user input, in particular, make sure that the user can't craft input that makes the program do bad things like create a new user with a uid of 0 (giving it root privs). It's a big topic, so I'd suggest doing some research, but basically code defensively, don't make assumptions, and certainly don't trust user input without validating it!

freakin'me · 10-08-2005, 05:59 PM

Thanks,

And how about that subverting?

Valhalla · 10-09-2005, 01:37 PM

Basically, you can subvert programs that execute command directly on the system a very simple example would be the system call System() function. Never would anyone write a program like this, but it serves a good example. Say you wrote a short C program that takes a system path as imput and executes system("ls /path/on/box"), say for example, that this program was setuid as root, and the user executed it by giving it the path /home/foo && rm -rf / . Thus, the program would execute a command such as ls /home/foo && rm -rf /. If the program was setuid as root, bad things would happen. Just an example