Re: Reverse of promoting to root: downgrade root to unprivileged

On Sun, Jan 28, 2024 at 04:17:11PM -0800, Greg A. Woods wrote: > At Tue, 30 Jan 2024 16:19:31 +0100, tlaro...@kergis.com wrote: > Subject: Re: Reverse of promoting to root: downgrade root to unprivileged > > > > On Tue, Jan 30, 2024 at 02:35:02PM +0100, Rhialto wrote: > > > On Mon 29 Jan 2024 at

Re: Reverse of promoting to root: downgrade root to unprivileged

On Wed, Jan 31, 2024 at 07:19:57AM +, RVP wrote: > On Tue, 30 Jan 2024, tlaro...@kergis.com wrote: > > > That something can be written is sure. But I wondered if there was > > some attempt of some library (in whatever language) or some utility > > that will "fence" a root user, and will,

Re: Reverse of promoting to root: downgrade root to unprivileged

On Tue, 30 Jan 2024, tlaro...@kergis.com wrote: That something can be written is sure. But I wondered if there was some attempt of some library (in whatever language) or some utility that will "fence" a root user, and will, allow, without modifying existing (say, as an example, using pkgsrc

Re: Reverse of promoting to root: downgrade root to unprivileged

At Tue, 30 Jan 2024 16:19:31 +0100, tlaro...@kergis.com wrote: Subject: Re: Reverse of promoting to root: downgrade root to unprivileged > > On Tue, Jan 30, 2024 at 02:35:02PM +0100, Rhialto wrote: > > On Mon 29 Jan 2024 at 15:23:24 +0100, tlaro...@kergis.com wrote: > > > The typical example is

Re: Reverse of promoting to root: downgrade root to unprivileged

On Tue, Jan 30, 2024 at 02:35:02PM +0100, Rhialto wrote: > On Mon 29 Jan 2024 at 15:23:24 +0100, tlaro...@kergis.com wrote: > > The typical example is say, with pkgsrc (or any kind of packages > > system). One wants to build unprivileged, but installation may be > > privileged. So instead of

Re: Reverse of promoting to root: downgrade root to unprivileged

On Mon 29 Jan 2024 at 15:23:24 +0100, tlaro...@kergis.com wrote: > The typical example is say, with pkgsrc (or any kind of packages > system). One wants to build unprivileged, but installation may be > privileged. So instead of running as non root and having to enter the > password each time the

Re: Reverse of promoting to root: downgrade root to unprivileged

At Sat, 27 Jan 2024 20:00:24 +0100, tlaro...@kergis.com wrote: Subject: Reverse of promoting to root: downgrade root to unprivileged > > Starting some operation as common user (for example compiling/building) > before promoting to privileged (generally root) by su'ing or sudo'ing > (for example to

Re: Reverse of promoting to root: downgrade root to unprivileged

On Mon, Jan 29, 2024 at 06:26:53AM -0800, Alistair Crooks wrote: > As RVP mentioned, this is a SMOP, but if you're looking for an out of the > box utility, checkout djb's setuidgid (available in > pkgsrc/sysutils/daemontools) https://cr.yp.to/daemontools/setuidgid.html Thanks. I will take a look.

Re: Reverse of promoting to root: downgrade root to unprivileged

As RVP mentioned, this is a SMOP, but if you're looking for an out of the box utility, checkout djb's setuidgid (available in pkgsrc/sysutils/daemontools) https://cr.yp.to/daemontools/setuidgid.html On Mon, 29 Jan 2024 at 04:10, RVP wrote: > On Sat, 27 Jan 2024, tlaro...@kergis.com wrote: > > >

Re: Reverse of promoting to root: downgrade root to unprivileged

On Mon, Jan 29, 2024 at 12:10:07PM +, RVP wrote: > On Sat, 27 Jan 2024, tlaro...@kergis.com wrote: > > > But does somebody know of an established program or library that allows > > to start a process as root and to automatically downgrade rights for > > tasks (I mean identified chunks of

Re: Reverse of promoting to root: downgrade root to unprivileged

On Sat, 27 Jan 2024, tlaro...@kergis.com wrote: But does somebody know of an established program or library that allows to start a process as root and to automatically downgrade rights for tasks (I mean identified chunks of whatever code) that do not require privileges? You mean toggling

Reverse of promoting to root: downgrade root to unprivileged

Starting some operation as common user (for example compiling/building) before promoting to privileged (generally root) by su'ing or sudo'ing (for example to install) is common. But does somebody know of an established program or library that allows to start a process as root and to automatically