A
Andrea Crotti
My program now sadly runs only as root, but actually I think that the
only thing that really needs root access is the creation of a tunnel
device.
Looking around I understood that I could use setuid() to drop the
privileges after critical part is over, but to what user?
I think this is the reason why mysql/openldap/etc creates new user, so
they can drop down to it when they're done with critical part.
But where exactly should this user cretion mechanism be set?
Still from the C program (removing it when exiting)?
Thanks
only thing that really needs root access is the creation of a tunnel
device.
Looking around I understood that I could use setuid() to drop the
privileges after critical part is over, but to what user?
I think this is the reason why mysql/openldap/etc creates new user, so
they can drop down to it when they're done with critical part.
But where exactly should this user cretion mechanism be set?
Still from the C program (removing it when exiting)?
Thanks