The Linux Programming Interface

38WRITING SECURE PRIVILEGED PROGRAMS

Privileged programs have access to features and resources (files, devices, and so on) that are not available to ordinary users. A program can run with privileges by two general means:

• The program was started under a privileged user ID. Many daemons and network servers, which are typically run as root, fall into this category.

• The program has its set-user-ID or set-group-ID permission bit set. When a set-user-ID (set-group-ID) program is execed, it changes the effective user (group) ID of the process to be the same as the owner (group) of the program file. (We first described set-user-ID and set-group-ID programs in Section 9.3.) In this chapter, we’ll sometimes use the term set-user-ID-root to distinguish ...

Get The Linux Programming Interface now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Linux Programming Interface by Michael Kerrisk

38WRITING SECURE PRIVILEGED PROGRAMS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly