getuid() vs. geteuid() in auditctl
Peter Moody
pmoody at google.com
Fri Mar 16 21:50:56 UTC 2012
line 1162 in auditctl.c has this:
#ifndef DEBUG
/* Make sure we are root */
if (getuid() != 0) {
fprintf(stderr, "You must be root to run this program.\n");
return 4;
}
#endif
Is there any particular reason to use getuid() there as opposed to
geteuid()? In my particular case, we have a setuid helper that allows
a normal user to run 'auditctl -l' (with a clean environment), and
this prevents the setuid helper from working.
Cheers,
peter
--
Peter Moody Google 1.650.253.7306
Security Engineer pgp:0xC3410038
More information about the Linux-audit
mailing list