I have some code which requires root permission to run. To be nice, it
checks early on if the user is root and fails with an error message if they
aren’t. I’m currently using the comparison (getuid() == 0), but I’m
wondering if I should be using geteuid() instead of getuid()? Can anyone
provide some advice? The library docs aren’t very verbose about these two
calls.
thanks
Charlie
Charlie Surface <charlie_surface@oti.com> wrote:
I have some code which requires root permission to run. To be nice, it
checks early on if the user is root and fails with an error message if they
aren’t. I’m currently using the comparison (getuid() == 0), but I’m
wondering if I should be using geteuid() instead of getuid()? Can anyone
provide some advice? The library docs aren’t very verbose about these two
calls.
No, the docs aren’t very verbose. This is another "Unix"ism kind of
thing.
As a little experiment in the illustration of the difference between
uid and euid, try:
as root:
cp /usr/bin/id /tmp/id
chmod u+x /tmp/id
as non-root user:
id
/tmp/id
And look at the outputs.
But, yes, you should check for the (geteuid() == 0) not getuid(). A
process with a uid of 0, but an euid of non-zero will not act as if
it were root, e.g. it will not be able to succeed with a
ThreadCtl(_NTO_TCTL_IO).
demo:
as root:
cp /sbin/rtc /tmp/rtc
cp /usr/bin/id /tmp/id
chown non-root /tmp/rtc
chown non-root /tmp/id
chmod u+s /tmp/rtc
chmod u+s /tmp/id
/tmp/id
/tmp/rtc hw
id should report uid=0 euid=non-root-id
rtc should fail with EPERM.
QNX Training Services
http://www.qnx.com/support/training/
Please followup in this newsgroup if you have further questions.
Thanks David. The demo was enlightening.
Charlie
“David Gibbs” <dagibbs@qnx.com> wrote in message
news:aic38u$kud$1@nntp.qnx.com…
Charlie Surface <> charlie_surface@oti.com> > wrote:
I have some code which requires root permission to run. To be nice, it
checks early on if the user is root and fails with an error message if
they
aren’t. I’m currently using the comparison (getuid() == 0), but I’m
wondering if I should be using geteuid() instead of getuid()? Can
anyone
provide some advice? The library docs aren’t very verbose about these
two
calls.No, the docs aren’t very verbose. This is another "Unix"ism kind of
thing.As a little experiment in the illustration of the difference between
uid and euid, try:as root:
cp /usr/bin/id /tmp/id
chmod u+x /tmp/id
as non-root user:
id
/tmp/idAnd look at the outputs.
But, yes, you should check for the (geteuid() == 0) not getuid(). A
process with a uid of 0, but an euid of non-zero will not act as if
it were root, e.g. it will not be able to succeed with a
ThreadCtl(_NTO_TCTL_IO).demo:
as root:
cp /sbin/rtc /tmp/rtc
cp /usr/bin/id /tmp/id
chown non-root /tmp/rtc
chown non-root /tmp/id
chmod u+s /tmp/rtc
chmod u+s /tmp/id
/tmp/id
/tmp/rtc hwid should report uid=0 euid=non-root-id
rtc should fail with EPERM.-David
QNX Training Services
http://www.qnx.com/support/training/
Please followup in this newsgroup if you have further questions.
Charlie Surface <charlie_surface@oti.com> wrote:
Thanks David. The demo was enlightening.
You’re welcome.
QNX Training Services
http://www.qnx.com/support/training/
Please followup in this newsgroup if you have further questions.