>>I'm trying to write a general Unix (incl. Linux) program which will attempt to
>>read and modify a file owned by root. [...]
> Simply write the program as if permissions were not a problem. When it
>comes time to use the program, use 'chmod 4755 program' and 'chown root
>program'. This will set the executable up as owned by root and executable by
>anyone. The 4 in chmod will set it so that executing it informs the OS to act
>as if the user running it is (in this case) root.
This advice is VERY DANGEROUS for the security of your system.
Setuid-root programs have to be *extremely* careful what they do, as
it is very easy to write bugs which allow normal users to become root.
Simply writing a program `as if permissions were not a problem' is not
good enough. You should take a look at the problem and decide what
the smallest set of operations are that need to be done privileged.
You should then write a separate program which checks that the
conditions for doing these things are satisfied[*] and does them.
Make that program suid or setgid (something other than suid root, if
possible), and have the rest of your application call it.
Setuid root programs should be very careful about opening files
(especially for writing) and should never[**] run shell scripts. They
should not use the C library's system() call, as that invokes a shell;
if they need to run other programs they should use execl or execv (NOT
execlp or execvp) directly, and be absolutely sure that the program
they're about to run cannot be fooled into doing anything untoward.
I've probably missed a couple of things here, but you get the general
idea: BE VERY CAREFUL when writing anything that runs setuid.
Finally, this isn't a Linux-specific topic, and so doesn't really
belong in comp.os.linux.
[*] This step is important ! It's no good saying `the privileged bit
is deleting such-and-such a file, so I'll write a suid root program
that deletes a file', as it could be used to delete any file !
[**] Unless you're an expert and *really* *absolutely* know what
you're doing. Even then it's a very bad idea.
35 Molewood Close, Cambridge, CB4 3SR, England; phone: +44 223 327029
PGP2 public key on request; fingerprint = 5906F687 BD03ACAD 0D8E602E FCF37657
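
The checks described in the post above, sketched as the building blocks of a small privileged helper. This is an added example, not code from the original post: the function names and the directory /var/lib/example-app are hypothetical. It goes slightly beyond the post by using execve with a constructed environment, where the post names execl/execv.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Plain file name only: no '/', no leading '.', bounded length, safe chars. */
int name_is_allowed(const char *name) {
    size_t n = strlen(name);
    if (n == 0 || n > 64 || name[0] == '.') return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)name[i]) && !strchr("._-", name[i])) return 0;
    return 1;
}

/* Open name inside dir for writing; -1 on symlink, non-regular file or extra hard links. */
int open_checked(const char *dir, const char *name) {
    struct stat st;
    if (!name_is_allowed(name)) return -1;
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0) return -1;
    int fd = openat(dfd, name, O_WRONLY | O_NOFOLLOW | O_NONBLOCK);
    close(dfd);
    if (fd >= 0 && (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1)) {
        close(fd);
        fd = -1;
    }
    return fd;
}

/* Run a fixed program: absolute path, constructed environment, no shell, no PATH search. */
int run_fixed(const char *path, char *const argv[]) {
    static char *const clean_env[] = { "PATH=/bin:/usr/bin", NULL };
    int status;
    if (path[0] != '/') return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execve(path, argv, clean_env);
        _exit(127); /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(int argc, char **argv) { /* hypothetical helper entry point and directory */
    return (argc == 2 && open_checked("/var/lib/example-app", argv[1]) >= 0) ? 0 : 1;
}
```

The point of name_is_allowed is the one made in footnote [*]: the helper decides which files it will touch, not the caller.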