Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

root tool acting on behalf of a user - what to set and how

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

root tool acting on behalf of a user - what to set and how

Subject: root tool acting on behalf of a user - what to set and how
From: Dan Bernstein <email@hidden>
Date: Sat, 25 Sep 2004 11:16:43 +0200

I have a server process running as root that needs to create a file on
behalf of a user. I want the file creation operation to be subjected
to the requesting user's permissions, so I'm using seteuid(). However,
this is not enough, since additional permissions may be given to the
user's group, so I also call setegid(). This isn't enough either,
since the user may belong to several groups, so I call setgroups() as
well.

Questions:
1. Given the user's uid, what's the best way to determine the user's
gid and groups list?
2. Am I forgetting something?

Thanks in advance,
-- Dan Bernstein
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Follow-Ups:
- Re: root tool acting on behalf of a user - what to set and how
  - From: Finlay Dobbie <email@hidden>

Prev by Date: pcnfsd?
Next by Date: quick Open Directory question
Previous by thread: pcnfsd?
Next by thread: Re: root tool acting on behalf of a user - what to set and how
Index(es):
- Date
- Thread