Hi all,
I am looking for an approach to adapt for allowing non root users to
access application(s) (some specific ones) that were installed with
root privileges. I cannot adapt an approach in which the user
intervention is required(the 'su' coomand one) as well as would not
look for something that will compromise the security of the application
and the system as well.
I Thought of creating a group and assigning it read-and-execute rights
for the application(s) but as with root install, the application will
reside in the general default install dirs (/etc/ , /lib/ , etc) this
will require giving execute rights (for browsing thru the directories)
and may eventually cause some security threats. Please do comment upon
this apporach, pointing out flaws in it.
Any other idea/appraoch suggested would only help me in evaluating
things in a better way.
Regards,
Hector
5  1495 
hector wrote:
I am looking for an approach to adapt for allowing non root users to
access application(s) (some specific ones) that were installed with
root privileges. I cannot adapt an approach in which the user
intervention is required(the 'su' coomand one) as well as would not
look for something that will compromise the security of the application
and the system as well.
I Thought of creating a group and assigning it read-and-execute rights
for the application(s) but as with root install, the application will
reside in the general default install dirs (/etc/ , /lib/ , etc) this
will require giving execute rights (for browsing thru the directories)
and may eventually cause some security threats. Please do comment upon
this apporach, pointing out flaws in it.
Any other idea/appraoch suggested would only help me in evaluating
things in a better way.
This is comp.lang.c, where your question is wildly off-topic; you'd be
better off in comp.unix.progr ammer (if I've spelt that right).
--
Chris "Perikles triumphant" Dollin
"Who do you serve, and who do you trust?" /Crusade/
Hi,
I was basically looking for some way in which the same can be achieved
by a C code. comp.lang.c being "the" place for C stuff, i posted it in
here.
Furtheromre to clarify i am not looking for any code snippet (though a
rough idea is always an additional advantage ;) ) but just the way it
can be done using C.
Regards,
Hector
Chris Dollin wrote:
hector wrote:
I am looking for an approach to adapt for allowing non root users to
access application(s) (some specific ones) that were installed with
root privileges. I cannot adapt an approach in which the user
intervention is required(the 'su' coomand one) as well as would not
look for something that will compromise the security of the application
and the system as well.
I Thought of creating a group and assigning it read-and-execute rights
for the application(s) but as with root install, the application will
reside in the general default install dirs (/etc/ , /lib/ , etc) this
will require giving execute rights (for browsing thru the directories)
and may eventually cause some security threats. Please do comment upon
this apporach, pointing out flaws in it.
Any other idea/appraoch suggested would only help me in evaluating
things in a better way.
This is comp.lang.c, where your question is wildly off-topic; you'd be
better off in comp.unix.progr ammer (if I've spelt that right).
--
Chris "Perikles triumphant" Dollin
"Who do you serve, and who do you trust?" /Crusade/
hector wrote:
Hi all,
I am looking for an approach to adapt for allowing non root users to
access application(s) (some specific ones) that were installed with
root privileges. I cannot adapt an approach in which the user
intervention is required(the 'su' coomand one) as well as would not
look for something that will compromise the security of the application
and the system as well.
I Thought of creating a group and assigning it read-and-execute rights
for the application(s) but as with root install, the application will
reside in the general default install dirs (/etc/ , /lib/ , etc) this
will require giving execute rights (for browsing thru the directories)
and may eventually cause some security threats. Please do comment upon
this apporach, pointing out flaws in it.
Any other idea/appraoch suggested would only help me in evaluating
things in a better way.
I think what you may be looking for is "setuid" permissions under
Unix/Linux. The privileges that a program has while running has
nothing to do with the program (it is an OS function), and hence has
nothing to do with C. Try a unix/linux newsgroup
MQ
hector wrote:
(Please don't top-post.)
I was basically looking for some way in which the same can be achieved
by a C code. comp.lang.c being "the" place for C stuff, i posted it in
here.
It's "the" place for "C stuff", but Unix permissions aren't "C stuff".
Furtheromre to clarify i am not looking for any code snippet (though a
rough idea is always an additional advantage ;) ) but just the way it
can be done using C.
It is done in C by calling functions whose definition is outside the
scope of the C standard. What those functions are, and how they
interact, isn't something to do with C, but something to do with
Unix - so go where the expertise is. (Not that there are /no/ Unix
experts here, of course, but then again, there are bridge players
here, and Eurogamers, and Magenta fans [1], but that wouldn't make
a discussion of the distinction between contracts in Mu and bridge
or what album best goes with a Martin Wallace game topical.)
[1] Use of the plural indicates "at least one".
--
Chris "Perikles triumphant" Dollin
"People are part of the design. It's dangerous to forget that." /Star Cops/
hector wrote:
>
I was basically looking for some way in which the same can be
achieved by a C code. comp.lang.c being "the" place for C stuff,
i posted it in here.
Furtheromre to clarify i am not looking for any code snippet
(though a rough idea is always an additional advantage ;) ) but
just the way it can be done using C.
Please don't top-post. Do read the following links.
--
Some informative links:
<news:news.anno unce.newusers
<http://www.geocities.c om/nnqweb/>
<http://www.catb.org/~esr/faqs/smart-questions.html>
<http://www.caliburn.nl/topposting.html >
<http://www.netmeister. org/news/learn2quote.htm l>
<http://cfaj.freeshell. org/google/> This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Dmitry Akselrod |
last post by:
Hello everyone,
I am in the process of implementing an internal Certificate Authority on a
client's network. The CA will issue certificates to several intranet web
apps that will be accessible to remote users. I would like to
programmatically add the Root CA cert to the users' Trusted Root CA store.
I have reviewed dseveral articles offering example code on how to achieve
this using the CEnroll ActiveX control, incluing MS KB...
|
by: Jonathan |
last post by:
I am creating a CD-ROM based website template. Things work fine under
Windows but when I try to run the site under Linux the path is messed
up. Therefore my JavaScript functions misinterpret the root to be the
root of the filesystem instead of the root of the cd. Any cd I make
will need to run on Windows and Linux systems and the filesystems and
the way the cd's are mounted are always different. For example:
Windows root path for a...
|
by: wh |
last post by:
The application that I'm about to start working on requires maintaining a
list of users currently accessing an asp.net application running on IIS5.0.
I essentially need to monitor which xml files on the server various users
are working on. When a user selects an xml file, it is marked as 'locked'
thus disallowing other users from modifying it. The users will come and go
and I therefore need to remove the 'locked' flag from the respective...
|
by: Amjad |
last post by:
Hi,
I have installed a VB.NET application on a Windows 2000 computer. The
application writes to the hard disk under the its folder and writes to the
Registry under "LocalMachine\Software".
I want to allow Windows 2000 users to run this application using their
limited user accounts (i.e. Users Group). Currently they cannot run the
application because writing to Registry was denied.
|
by: schneider |
last post by:
Hi all,
I created a User Control "SlideShow.ascx" in my application's root.
Then I created a subfolder and an aspx page "MySlideShow1.aspx" in
there. I added an instance of the ascx control to this page. Now
here's my question: How can I access the aspx page's resource (e.g.
App_LocalResources/MySlideShow1.aspx.resx) from within the instance of
the ascx control? The code that wants to access the resource is
located in the ascx control...
| | |
by: =?Utf-8?B?SnVzdGlu?= |
last post by:
Hello Everyone:
I am having the most bizarre problem with my asp.net web app...this is my
first web app in asp.net and I inherited it from a programmer who quit...so,
I am not completely familiar with all the ins and outs.
The problem is that some machines can open my web app and some machines
cannot...In fact, the server, which is hosting the app and has VS.Net
installed, cannot access the app via the external IP address, but other...
|
by: David |
last post by:
With a non-server app there is one instance of the program running and one
user 'using' it at a time. With this scenario I'm pretty comfortable with
variable scope and lifetime. With a server app there is one instance of the
program running but several simultaneous clients connecting to and 'using'
it. When I think about this I'm wondering what this may add to what needs to
be considered for scope and lifetime... is a scenario created where...
|
by: shiva359 |
last post by:
Hi ,
could someone throw some light on why do default
software when installed ( as root for creating an instance
leaves us with some world accessable directories & some world
executable files & some world readable files .
I am facing this issue on how to explain to Unix Audit Team
how db2 is ensuring security even after allowing such
permissions at software level . if I give 750...
|
by: db2dude |
last post by:
We have a small problem in one of our database hosts in which the
db2ckpwd daemon process runs under the instance owner id instead of
"root".
Due to this, no other id except the instance owner is able to start
the database instance.
I see the following error messages in the diag if a 'db2start' is
attempted by any other id:
=================================================================
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
