linux - program needs to be run as root by any user and can be located anywhere

07
2014-07
  • user3376127

    I have some program called foo that needs root privileges when it executes. foo needs to be able to be run by any user and can be located at any path. The reason this program can be at any path is because our company is developing program foo and each user may have a personal version of the program in some personal directory while they work on it.

    My question is this, what is the most secure way to handle this? I have been researching the sudoers file and have basically 2 ideas.

    1.) List all paths the program can be at in the sudoers file. This is problematic because it requires frequent editing of the sudoers list and also still poses a security risk since non root users will own their individual copy of foo and could copy some system program over foo and then use it as root.

    2.) Write a script called start_foo which performs some input validation on the passed program such as size and name and then starts the passed in foo. start_foo could live in /usr/bin and owned by root but runable by anyone. This option still includes the security hole of being able to write over the users foo program with another root requiring program but hopefully the size check would catch some malicious cases.

    Is there a "cannonical" way to solve this problem I haven't found or thought of? If not which of the above or possibly other solution is the best way to handle the problem?

    Thanks!

    • Answers
    Know someone who can answer? Share a link to this question via email, Google+, Twitter, or Facebook.

    Related Question

    Any latest linux distro which gives full root access ( NO SUDO )?
  • SunnyShah

    Is there Any latest linux distro which gives full root access ( NO SUDO ) ? I want to use it for programming in which I have to use / file system very frequently.

    What I need is any good linux distro with Nice Installer like Synaptic and Fast Bootup speed like ubuntu 9.04.

    Does Fedora 11 gives full root access?

    Thanks, Sunny.


    • Related Answers
  • quack quixote

    Becoming root for one session:

    In Ubuntu you can become root for the remainder of the session by typing:

    # old-school method
sudo su

# new hotness, comes highly recommended
sudo -i

    More information and related reading.


    Permanently enabling the root account:

    Further, you may permanently enable the root account by typing:

    sudo passwd root

    and providing a root password. You can then log in as root at your leisure without needing to use sudo.

  • John T

    Why not just log in as root when you start up? You provide the root password in the install process of most distributions (Fedora as you mentioned, is an example). If you forgot this you can reset it from a user account:

    sudo passwd root

    it will then ask you for your new UNIX password.

    If you'd like to become root temporarily AND use root's environment settings:

    sudo su -
  • andrej

    fedora offer full root access by typing

    su

    Or you can use your debian based distro (ubuntu) and type

    sudo bash

    to get semi-permanent root shell.

  • Seasoned Advice (cooking)

    Puppy Linux boots and will auto-login with root user by default.