I had to do a dirty Linux hack for somebody so they could start a printer with the `cupsenable printername` shell command while being a non-root user. I didn't want them to be able to use the entirety of the `cupsenable` syntax as root, so I just wrote a C wrapper that sanitizes the input in `argv` and calls `system("cupsenable sanitizedprintername")`.
I made the program setuid root, but even so, `cupsenable` failed with "permission denied". Then I inserted a `setuid(0)` call before `system()` and, lo and behold, it worked.
Disregard the issue of there being a better way to give users control of the printer. There probably is a better way. What I'm interested in are the intricacies of `chmod u+s` vs. `setuid(0)` vs. `system()`. Why did it behave that way?
以上就是Why do I need setuid(0) within a setuid-root C program that calls an administrative program with system()?的详细内容，更多请关注web前端其它相关文章！