Effective, Real and Group id switching for daemons

From: John Hanna (jhannaat_private)
Date: Fri Jan 24 2003 - 14:19:22 PST

  • Next message: jasonk: "RE: Standards for developing secure software"

    I'm working to improve ASSP's support for *nix environments. (ASSP,
    http://assp.sourceforge.net, is an anti-spam smtp proxy written in Perl.)
    One of the important features is to be able to run as non-root after we
    start listening on port 25. I had a couple of questions for those wiser than
    I.
    First is it important to switch the real uid as well? It might be nice to
    preserve the real uid so I can switch back to root if they kill -HUP and I
    need to switch ports. But in the event of a perl-based vulnerability and I
    changed the effective-uid but not real-uid I suppose the clever hacker would
    switch the effective-uid back if possible. So I probably need to do that,
    right?
    
    Secondly do I need to give the option to switch effective and real group id
    as well? I suppose root group might be able to do something a hacker
    shouldn't, even after they've lost root euid, right?
    
    Finally, this code has to have been written 1000 times, but I couldn't find
    it anywhere. Can someone point me to an opensource perl server daemon that I
    can swipe code from? Or perhaps email me their prized nuget from their own
    project with permission to recycle?
    
    Thanks tons,
    John
    



    This archive was generated by hypermail 2b30 : Sat Jan 25 2003 - 01:26:45 PST