Johannes Hofmann wrote:
> Yes, the latter. In a program I want to exec another binary with
> limited privileges.
The traditional UNIX way is to exec that other binary as
an unprivileged user, e.g. "nobody". The problem is that
you must be root to call setuid() in the first place.
You can use su
:> if it works, mounting the FS readonly should work..
:>
:> also, chflags might be helpful..
:>
:> or is this a coding question about coding the program that calls
:> setrlimit() ?
:>
:
:Yes, the latter. In a program I want to exec another binary with
:limited privileges.
I've thought ab
Chris Turner <[EMAIL PROTECTED]> wrote:
> Johannes Hofmann wrote:
>> Hi,
>>
>> I'm wondering whether there is a way to prevent a process to modify
>> the file system. setrlimit(RLIMIT_FSIZE) to 0 almost does the trick,
>> but unfortunately it does not prevent unlink() or truncate().
>> Is there a
Johannes Hofmann wrote:
Hi,
I'm wondering whether there is a way to prevent a process to modify
the file system. setrlimit(RLIMIT_FSIZE) to 0 almost does the trick,
but unfortunately it does not prevent unlink() or truncate().
Is there any reason why there is no limit to prevent unlink or
trun
Hi,
I'm wondering whether there is a way to prevent a process to modify
the file system. setrlimit(RLIMIT_FSIZE) to 0 almost does the trick,
but unfortunately it does not prevent unlink() or truncate().
Is there any reason why there is no limit to prevent unlink or
truncate?
Cheers,
Johannes
