[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: getuid() vs. geteuid() in auditctl



On Tue, Mar 20, 2012 at 11:07 AM, Steve Grubb <sgrubb redhat com> wrote:
> On Friday, March 16, 2012 05:50:56 PM Peter Moody wrote:
>> line 1162 in auditctl.c has this:
>>
>> #ifndef DEBUG
>>   /* Make sure we are root */
>>   if (getuid() != 0) {
>>     fprintf(stderr, "You must be root to run this program.\n");
>>     return 4;
>>   }
>> #endif
>>
>> Is there any particular reason to use getuid() there as opposed to
>> geteuid()?
>
> I suppose it doesn't matter. I never envisioned having a helper application, so
> that why its the way it is. Since we are optionally linking in libcap-ng, I
> suppose we could even check the capability rather than the euid.

Just the CAP_AUDIT_CONTROL capability?

> Also note that
> for certification purposes the file permissions are restricted.

The permissions of the auditctl binary?

> -Steve
>
>> In my particular case, we have a setuid helper that allows
>> a normal user to run 'auditctl -l' (with a clean environment), and
>> this prevents the setuid helper from working.



-- 
Peter Moody      Google    1.650.253.7306
Security Engineer  pgp:0xC3410038


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]