root permissions

Hi, I’d like to know if it’s possible to change a run mode: I have a process (thread) running at “normal user” mode and I want to change (in the same process) to a root mode.

Is this possible? How I could do it?


Not that I know of. That would seriously break security.

What are you trying to do? Mario gives a correct answer to your literal question, but it is not clear why you would literally need to do this. Here are some alternatives.

  1. I want to be able to run my process in at least two modes, super-user and a specific user.
    A) You can start the process as super-user, and then degrade it using effective user and group id’s.

  2. I want to start a process as super-user but from a non-super-user process.
    A) Set the suid bit

etc. Be more specific and there may be a solution.

Oh, I’ll try to describe better

I have to make an ISA driver, and I think I have to do it writing/reading ports (in8, out8,…). But I cant do it if I have no root permission. And the driver will be used by “normal user”. So, I thought I could write a program that starts at normal user mode; then, it changes to root mode, and finally, return to user mode.

Is this possible?
Another possibility?

Thanks very much

Well the only way is the way I described previously.
Have the program owned by the user, but set the SUID bit, so it comes up with user privileges. Then set the effective user-id and effective group-id back to that of the user.

While what I said is true, it is not really the way to do things. Here is what I suggest. Write a driver that runs as root, and does the in/out port stuff. Have the user program run as user, but send messages to the driver to accomplish what it can’t. This is very straight forward and usual.

This is where the QNX resource manager pattern is well-suited. Build the “root”-mode part of the driver as a resource manager and then have the user-mode process access it through the message passing interface. If you are careful about how you pass the data you can even do this without an overburdening overhead.

(This is almost the same pattern as the kernel/user-mode device driver approach - here the device is not actually part of the kernel, but the functionality is very similar to that approach)

See $(QNX_INSTALL_PATH)/target/qnx6/usr/help/product/neutrino/prog/resmgr.html for details…

If all you want to do is provide in out instruction then I support wretched suggestion. However in some cases the extra overhead can be a problem. Imagine a case where one would try to flip an output on the parallel port as fast as possible.

The io driver could not only provide very basic input/output but also provide some extra features, like the ability to output a stream of data at specify frequency. Or poll an input port and send a notification when its value equal a preset or fits in a range. You get the idea.

You could go one step further. You could create a simple interpreted language that the driver would interpret. It could be limited to in’s, out’s, and compares. You could restrict the I/O range if you are worried about the user boloxing up your machine.