[linux-lvm] lvcreate from a setuid-root binary
Alasdair G Kergon
agk at redhat.com
Mon Nov 19 13:01:50 UTC 2018
On Mon, Nov 19, 2018 at 09:55:07AM +0100, Christoph Pleger wrote:
> My program calls getpwuid() with the real user id of the calling user
> and then compares this user's name with the name of the one and only
> user who is allowed to continue program execution. Do you think that
> this can be circumvented?
I'll just repeat - don't write your own setuid programs if you care
about security. Here's an old paper that lists some (and certainly not
all!) of the things people who do write them have to understand:
http://man7.org/conf/lca2010/writing_secure_privileged_programs.pdf
It only takes one mistake or one thing you didn't know about or
understand properly to make your system insecure.
Alasdair
More information about the linux-lvm
mailing list