Why do I need setuid(0) within a setuid-root C program that calls an administrative program with system()?

I had to do a dirty Linux hack for somebody so they could start a printer with the `cupsenable printername` shell command while being a non-root user. I didn't want them to be able to use the entirety of the `cupsenable` syntax as root, so I just wrote a C wrapper that sanitizes the input in `argv[1]` and calls `system("cupsenable sanitizedprintername")`. I made the program setuid root, but even so, `cupsenable` failed with "permission denied". Then I inserted a `setuid(0)` call before `system()` and, lo and behold, it worked. Disregard the issue of there being a better way to give users control of the printer. There probably is a better way. What I'm interested in are the intricacies of `chmod u+s` vs. `setuid(0)` vs. `system()`. Why did it behave that way?

以上就是Why do I need setuid(0) within a setuid-root C program that calls an administrative program with system()?的详细内容,更多请关注web前端其它相关文章!

赞(0) 打赏
未经允许不得转载:web前端首页 » CSS3 答疑

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

前端开发相关广告投放 更专业 更精准

联系我们

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏