Re: Listening on system-restricted ports

OL&L Lists <email@hidden> wrote:

>So in other words, the solution is to setuid *before* the process is
>launched - and that there is no way to elevate it to root once it is
>running if it wasn't launched as root.

Yes.  That's how Unix/Posix security is fundamentally designed.


>It's probably not a good idea to launch any Java app as root -
>period.

That seems superstitious to me.  I don't see how Java is better or worse
than any other kind of executable run as root.  Every form has different
exposures, so you have to thoroughly understand what you're doing.
Omnipotence requires knowledge and responsibility.

The crucial element, as always, is to ensure the correctness and
trustworthiness of the execution.  This includes ancillary elements,
especially any ancillaries that might affect execution in any way (e.g.
implicit classpath elements; GIFs or JPEGs that might cause a native fault
or an unexpected exception, etc.).

In general, writing a Java program that runs safely as root is pretty much
the same as writing any other program that runs safely as root.  All the
same precautions and advice apply, though the specific details may differ.


>I guess I will have to pursue the port-redirection or file
>descriptors approach then.

Pursuing file descriptors, you may find the Java class FileDescriptor
useful.  I don't know exactly what the presumed representation inside
FileDescriptor is, but it might be worth looking at.

  -- GG
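The pattern the thread circles around, as an added example in C (it is not from GG's message, Apple, or the Java-dev list): a small launcher binds the privileged port while it is still root, drops root in a way that cannot be undone, verifies that with the very check the thread describes (setuid(0) must now fail), and then hands the listening socket to an unprivileged program as fd 0, inetd-style. All helper names are mine, and the fallback id 65534 for "nobody" is an assumption, used only when the demo is run as root.

```c
#include <errno.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Bind and listen on 127.0.0.1:port. Binding below 1024 needs root, so this
 * runs before any privilege drop. Port 0 asks for an ephemeral port, which
 * lets the same code be exercised by an unprivileged user. */
int bind_listener(uint16_t port)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    int one = 1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Give up root for good: supplementary groups first, then gid, then uid.
 * The order matters: once the uid is non-zero, the group calls would fail.
 * Returns 0 on success, -1 on the first failing call. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (getuid() == 0 && setgroups(0, NULL) < 0)
        return -1;
    if (setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    return 0;
}

/* The check behind "no way to elevate it to root once it is running":
 * after a real drop, setuid(0) must fail with EPERM. Returns 1 when root
 * cannot be regained, 0 when the process still can (or just did) become root. */
int root_is_unrecoverable(void)
{
    if (setuid(0) == 0)
        return 0;
    return errno == EPERM;
}

/* True if fd is a listening socket (what the child is going to inherit). */
int is_listening(int fd)
{
    int val = 0;
    socklen_t len = sizeof val;
    if (fd < 0 || getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &val, &len) < 0)
        return 0;
    return val != 0;
}

/* Full launcher sequence: bind while privileged, drop, then verify the drop.
 * Returns the listening fd, or -1 (socket closed) if any step fails. */
int prepare_listener(uint16_t port, uid_t uid, gid_t gid)
{
    int fd = bind_listener(port);
    if (fd < 0)
        return -1;
    if (drop_privileges(uid, gid) < 0 || (uid != 0 && !root_is_unrecoverable())) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Target identity: an assumed "nobody" id of 65534 when run as root,
 * otherwise the caller's own ids (so the drop is a harmless no-op). */
uid_t unprivileged_uid(void) { return getuid() == 0 ? (uid_t)65534 : getuid(); }
gid_t unprivileged_gid(void) { return getgid() == 0 ? (gid_t)65534 : getgid(); }

/* inetd-style hand-off: the unprivileged program finds the socket on fd 0.
 * Only returns on failure. */
int hand_off(int fd, char *const argv[])
{
    if (dup2(fd, STDIN_FILENO) < 0)
        return -1;
    if (fd != STDIN_FILENO)
        close(fd);
    execv(argv[0], argv);
    return -1;
}

int main(int argc, char **argv)
{
    if (argc < 3) {
        fprintf(stderr, "usage: %s PORT PROGRAM [ARGS...]\n", argv[0]);
        return 2;
    }
    int fd = prepare_listener((uint16_t)atoi(argv[1]), unprivileged_uid(), unprivileged_gid());
    if (fd < 0) {
        perror("prepare_listener");
        return 1;
    }
    hand_off(fd, argv + 2);
    perror("execv");
    return 1;
}
```

Run as root with `./launcher 80 /usr/bin/java -jar server.jar`, the JVM starts with the already-bound socket on fd 0 and never holds root itself; on the Java side, `System.inheritedChannel()` returns a `ServerSocketChannel` when fd 0 is a listening TCP socket, which is the file-descriptor route GG points at. The drop is deliberately checked rather than assumed: a launcher that calls setuid() but leaves the saved uid at 0, or forgets supplementary groups, would pass a casual glance and still let the child climb back.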


 _______________________________________________
Java-dev mailing list      (email@hidden)
Copyright © 2011 Apple Inc. All rights reserved.