On Tue, 19 Feb 2002, Patrick Luby wrote: > > Changing the uid to root is certainly impossible AFAIK ( at least on > > unix, on NT everything is possible, but I hope not this one ). > > > Well, of course the process would have to be started as root and the setuid to a > non-root user happens at the start of the process. Then, the JNI calls allow you > to invoke setuid to switch back to the "saved uid" which is root (since that is > the uid of the parent process). The only issue that think that may be > problematic is multi-threading since all threads get switched back to root >momemtarily.
My point was that after you drop the root priviledges, there's no way to get them back. I just double checked the manual, at least on linux. Apache and all other unix daemons are started as root, they aquire the port, then drop priviledges. If calling setuid() again would get back to root, what would be the point? The hacker exploiting a stack overflow could easily call setuid. > My only worry here is how much resistance there would be for native executables > to launch Tomcat and/or other tools. Of course, one could also launch Java > directly so maybe this will make this idea more palatable. JK and inprocess already require jni. Costin -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
