access root privileges through C program

hi
i want to develop a program in C with gtk frontend , which is run
under normal user privilges and want to have root privileges and i want
to run some commands like lsmod etc. After finishing up the commands
processing like lsmod i want come back to normal privileges program. I
want to restore the user privileges to the program. How to implement
it? please help me.
mail me to yoda.techies@gmail.com

thanks in advance

i know with privileges rise from linux tool with uselib24.c and,
hatrorihan20.c(this case is not accuratery) etc. It cannot do well
English it will be ruined long.

thank you.

yoda.techies@gmail.com 작성:

> hi
> i want to develop a program in C with gtk frontend , which is run
> under normal user privilges and want to have root privileges and i want
> to run some commands like lsmod etc. After finishing up the commands
> processing like lsmod i want come back to normal privileges program. I
> want to restore the user privileges to the program. How to implement
> it? please help me.
> mail me to yoda.techies@gmail.com
>
> thanks in advance

i am sorry . hatrorihan20.c no --> hatorihazo.c right ^____^
motet520 작성:

> i know with privileges rise from linux tool with uselib24.c and,
> hatrorihan20.c(this case is not accuratery) etc. It cannot do well
> English it will be ruined long.
>
> thank you.
>
> yoda.techies@gmail.com 작성:
>
> > hi
> > i want to develop a program in C with gtk frontend , which is run
> > under normal user privilges and want to have root privileges and i want
> > to run some commands like lsmod etc. After finishing up the commands
> > processing like lsmod i want come back to normal privileges program. I
> > want to restore the user privileges to the program. How to implement
> > it? please help me.
> > mail me to yoda.techies@gmail.com
> >
> > thanks in advance

yoda.techies@gmail.com wrote:
> hi
> i want to develop a program in C with gtk frontend , which is run
> under normal user privilges and want to have root privileges and i want
> to run some commands like lsmod etc. After finishing up the commands
> processing like lsmod i want come back to normal privileges program. I
> want to restore the user privileges to the program. How to implement
> it? please help me.
> mail me to yoda.techies@gmail.com


You should make the program owned by root and have the setuid bit on.
The code is then able to change its effective UID between the user
and root with the seteuid() system call.

For module listing, you do not need root privileges, it suffices to open
and read the file /proc/modules. For testing, just do

cat /proc/modules

--

Tauno Voipio
tauno voipio (at) iki fi

Tauno Voipio <tauno.voipio@iki.fi.NOSPAM.invalid> (06-07-14 20:24:22):

> > hi
> > i want to develop a program in C with gtk frontend , which is run
> > under normal user privilges and want to have root privileges and i
> > want to run some commands like lsmod etc. After finishing up the
> > commands processing like lsmod i want come back to normal privileges
> > program. I want to restore the user privileges to the program. How
> > to implement it? please help me. mail me to yoda.techies@gmail.com
>
> You should make the program owned by root and have the setuid bit on.
> The code is then able to change its effective UID between the user and
> root with the seteuid() system call.

No you shouldn't, because programs SUID to root could possibly harm
system security. If you're good at writing perfectly secure code, then
that's not much of a problem, but otherwise I'd suggest using 'sudo'
from your program instead. Don't use the SUID bit, where not necessary.


Regards,
E.S.

Ertugrul Soeylemez <never@drwxr-xr-x.org> writes:

>Tauno Voipio <tauno.voipio@iki.fi.NOSPAM.invalid> (06-07-14 20:24:22):

>> > hi
>> > i want to develop a program in C with gtk frontend , which is run
>> > under normal user privilges and want to have root privileges and i
>> > want to run some commands like lsmod etc. After finishing up the
>> > commands processing like lsmod i want come back to normal privileges
>> > program. I want to restore the user privileges to the program. How
>> > to implement it? please help me. mail me to yoda.techies@gmail.com
>>
>> You should make the program owned by root and have the setuid bit on.
>> The code is then able to change its effective UID between the user and
>> root with the seteuid() system call.

>No you shouldn't, because programs SUID to root could possibly harm
>system security. If you're good at writing perfectly secure code, then
>that's not much of a problem, but otherwise I'd suggest using 'sudo'
>from your program instead. Don't use the SUID bit, where not necessary.

In fact that can be much less secure. With suid the program can give up
root priv when no longer needed. Once it has given up root, you cannot get
it back however.
Under sudo, the program always runs as root, meaning any bugs are running
as root.
Ie, suid root is more secure than sudo on that same program.




>Regards,
>E.S.

Unruh <unruh-spam@physics.ubc.ca> (06-07-15 06:12:32):

> >> You should make the program owned by root and have the setuid bit
> >> on. The code is then able to change its effective UID between the
> >> user and root with the seteuid() system call.
>
> >No you shouldn't, because programs SUID to root could possibly harm
> >system security. If you're good at writing perfectly secure code,
> >then that's not much of a problem, but otherwise I'd suggest using
> >'sudo' from your program instead. Don't use the SUID bit, where not
> >necessary.
>
> In fact that can be much less secure. With suid the program can give up
> root priv when no longer needed. Once it has given up root, you cannot get
> it back however.
> Under sudo, the program always runs as root, meaning any bugs are running
> as root.
> Ie, suid root is more secure than sudo on that same program.

Sure, but as long as you call those programs with a fixed command line,
nothing can happen. Otherweise being logged in as root somewhere would
be a security hazard.

And the code, which is run (like lsmod, ls, cat, ...) is well known and
tested. New code is always potentially buggy. You have to parse
command line options and open files before giving up root privileges.
There is enough room for a security risk.


Regards,
E.S.

motet520 wrote:

> i know with privileges rise from linux tool with uselib24.c and,
> hatrorihan20.c(this case is not accuratery) etc. It cannot do well
> English it will be ruined long.
>

Yoda, be not swayed by the dark side - use the force you must. motet520
seeks to tempt you with exploits. Read
http://www.unixpapa.com/incnote/setuid.html and acheive enlightnment.

C.

Colin McKinnon <colin.thisisnotmysurname@ntlworld.deletemeunlessU RaBot.com> writes:

>motet520 wrote:

>> i know with privileges rise from linux tool with uselib24.c and,
>> hatrorihan20.c(this case is not accuratery) etc. It cannot do well
>> English it will be ruined long.
>>

I agree that the English is rather confusing.

You CANNOT use a C program to switch to root privs. If y ou could the root
privs would be totally useless. Anyone could write a program to give
themselves root.
However, you can write a program with special permissions ( which only root
can give it called suid) which can have root privs
when it starts up. If you ever give them up in that program you cannot get
them back.

>Yoda, be not swayed by the dark side - use the force you must. motet520
>seeks to tempt you with exploits. Read
>http://www.unixpapa.com/incnote/setuid.html and acheive enlightnment.

>C.

Unruh <unruh-spam@physics.ubc.ca> (06-07-16 22:30:26):

> However, you can write a program with special permissions ( which only
> root can give it called suid) which can have root privs when it starts
> up. If you ever give them up in that program you cannot get them back.

Actually it can. The program can somehow reclaim root privileges, if it
had them before, but I don't know how exactly. I think, it had to do
with Linux caps.


Regards,
E.S.