如何以编程方式获得root权限？ [英] How to programmatically gain root privileges?

问题描述

我正在编写一些作为非特权用户运行的软件（在C ++中，对于Linux / Mac OSX），但在某些时候需要root权限（创建一个新的虚拟设备）。

I am writing some software (in C++, for Linux/Mac OSX) which runs as a non-privileged user but needs root privileges at some point (to create a new virtual device).

以root身份运行这个程序不是一个选项（主要是为了安全问题），我需要知道真实用户的身份（uid）。

Running this program as root is not a option (mainly for security issues) and I need to know the identity (uid) of the "real" user.

有没有办法模仿sudo命令行为（要求用户密码）暂时获得root权限并执行特定任务？如果是，我将使用哪些功能？

Is there a way to mimic the "sudo" command behavior (ask for user password) to temporarily gain root privileges and perform the particular task ? If so, which functions would I use ?

非常感谢您的帮助！

推荐答案

原始答案

您可以考虑可执行文件本身的setuid开关。维基百科有一个文章，甚至可以显示 geteuid（）和 getuid（）相当有效，前者是为了找出你是模拟，后者是你是。 sudo过程，例如，geteuid应该返回0（root）和getuid你的用户的id，然而，它的子进程确实以root身份运行（你可以使用 sudo id -u -r ）。

You might consider the setuid switch on the executable itself. Wikipedia has an article on it which even shows you the difference between geteuid() and getuid() quite effectively, the former being for finding out who you're "emulating" and the latter for who you "are". The sudo process, for example, geteuid should return 0 (root) and getuid your user's id, however, its sub-processes do truly run as root (you can verify this with sudo id -u -r).

我不认为有一种方法可以轻松地以编程方式获得root访问权 - 毕竟，应用最小权限的原则，你需要？通常的做法是只运行有限部分的具有提升的特权的代码。许多守护进程等也设置在现代系统下作为自己的用户运行他们需要的大多数特权。

I don't think there's a way to easily programmatically gain root access - after all, applying the principle of least privilege, why would you need to? Common practise is to run only limited parts of code with elevated privileges. A lot of daemons etc are also set up under modern systems to run as their own user with most of the privileges they need. It's only for very specific operations (mounting etc) that root privileges are truly needed.

2013年更新

我的原始答案（尽管我的2013年的自我可能会比我的2010年更好的工作），但如果你正在设计一个需要根访问的应用程序，你可能想考虑到什么样的根需要访问，并考虑使用 POSIX功能< a> （手册页）。这些与L4等人实施的基于能力的安全性不同。 POSIX功能允许您的应用程序被授予root权限的子集。例如 CAP_SYS_MODULE 将允许您插入内核模块，但是没有其他root权限。这在分布中使用。 Fedora具有彻底删除setuid二进制文件的功能，可随意访问根目录。

My original answer stands (although my 2013 self might make a better job of it than my 2010 one), but if you are designing an application that requires root access, you may want to consider exactly what sort of root access is needed and consider the use of POSIX Capabilities (man page). These are different to capability-based security as implemented in L4 et al. POSIX capabilities allow your application to be granted a subset of root's powers. For example CAP_SYS_MODULE will allow you to insert kernel modules, but give you no other root powers. This is in use in distributions e.g. Fedora has a feature to completely remove setuid binaries with indiscriminate root access.

这很重要，因为作为一个程序员，你的代码显然是完美的！但是，你所依赖的图书馆（叹息，如果只有你写它们）可能有漏洞。使用功能，您可以限制此漏洞的使用，并保护您和您的公司安全相关的审查。这使得每个人都更开心。

This matters because as a programmer, your code is obviously perfect! But, the libraries on which you depend (sigh, if only you'd written them!) might have vulnerabilities in them. Using capabilities, you can limit the use of this exploit, and save yourself and your company from security-related scrutiny. This makes everyone happier.

这篇关于如何以编程方式获得root权限？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！