spawn a process with a different user

Hello Everyone:

I have the following code

#include <stdlib.h>

int main()
{
    /* system() hands the string to /bin/sh, running as the calling user */
    system("/usr/OtherUser/bin/runX");
    return 0;
}

runX must be executed with privileges from another user, how could I do that? I know the password for such user.

Thanks in advance

There is su, but I am not sure if su reads stdin for the password (ssh2 reads /dev/tty, so you need a tty-generating wrapper like expect):

 
system( "su - user -c /usr/OtherUser/bin/runX");

You can use rsh/ssh/ssh2 trusted access:

system( "ssh2 -n user@localhost /usr/OtherUser/bin/runX");

Hello DGPickett, Thanks for quick response

su does read from stdin; unfortunately it seems stdin is flushed before su prompts for the password, so I must wait for two seconds before entering the password, but I don't know how.

Thanks again

For obvious security reasons, it doesn't, just like any other sane command that takes a password.


Let's assume you are not trying to hack a privileged account...
Can you make /usr/OtherUser/bin/runX setuid?

And give yourself group execute?


Two ideas that come to my mind:

  • Why should runX be run with the privileges of OtherUser? If the reason is file permissions, a better solution could involve putting User and OtherUser in the same group.
  • If you still need to run runX as OtherUser, I would recommend using sudo (instead of su). You can configure sudo to run the program as OtherUser from User without a password query.

HTH,
Loïc

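The sudo suggestion in the post above, written out as an added example (not code from any poster in this thread): the original system() call becomes fork/execv of sudo with a fixed argument vector, so no shell is involved and no password is ever handled by the program. The sudoers rule, the account names appuser and otheruser, the /usr/bin/sudo path and the helper names build_sudo_argv and spawn_wait are assumptions made for illustration.

```c
/* Added example: run one fixed program as another user through sudo, no shell.
 * Assumed sudoers rule (edit with visudo; appuser/otheruser are hypothetical):
 *   appuser ALL=(otheruser) NOPASSWD: /usr/OtherUser/bin/runX */
#include <stddef.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define SUDO_PATH "/usr/bin/sudo"   /* assumed install location of sudo */

/* Fill argv for: sudo -n -u <user> -- <prog>. Returns 0, or -1 on bad input. */
int build_sudo_argv(const char *user, const char *prog, char *argv[7])
{
    /* The user name must not be empty or look like an option, and the
       program must be an absolute path so PATH is never consulted. */
    if (!user || !*user || user[0] == '-' || !prog || prog[0] != '/')
        return -1;
    argv[0] = "sudo";
    argv[1] = "-n";            /* non-interactive: fail instead of prompting */
    argv[2] = "-u";
    argv[3] = (char *)user;
    argv[4] = "--";            /* end of sudo's own options */
    argv[5] = (char *)prog;
    argv[6] = NULL;
    return 0;
}

/* fork + execv + waitpid. Returns the exit status, 127 if exec failed, -1 on error. */
int spawn_wait(const char *path, char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(path, argv);     /* no shell and no PATH lookup */
        _exit(127);            /* reached only when execv failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char *argv[7];
    if (build_sudo_argv("otheruser", "/usr/OtherUser/bin/runX", argv) != 0)
        return 1;
    return spawn_wait(SUDO_PATH, argv) == 0 ? 0 : 1;
}
```

With -n, sudo exits with an error instead of prompting when the NOPASSWD rule is missing, so a misconfiguration shows up as a non-zero status rather than a hung process.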

The ssh seems like overkill but is more secure. Two seconds, oh whoop!

 
system( "(sleep 3;echo the_password)|su - -c /usr/OtherUser/bin/runX" );

DGPickett, that won't work. su doesn't read stdin, and really shouldn't read stdin. Besides, you're putting the password in plaintext in a file for easy grepping by anyone.

Well, someone said it did, so I humored them. :)

The PW could be in an env var, but of course then it will be in every core dump and has to be set somewhere!

The ssh2 trusted user Public-Private Key passwordless authentication is my recommendation, as sometimes changing user also means changing host!

We never mentioned writing a set-uid executable, but that is usually too much of a pain! Hidden trick is cc -R to locate shared objects without environment.