
In a setuid root program, how to check that the current user (that root is doing the work for) owns a file?

The use case is a mount tool; I want to restrict mounting (a unionfs(r+x dir, squashfs)) to files owned by the caller.

I know about fusefs, but I’d like to use overlayfs and squashfs in the kernel.


Answer

So long as you haven’t called setuid() or setreuid() yet, you can use getuid() to get the user ID of the user that executed your program. Once you’ve done that, you can use stat() to get the owner of a file.

Alternatively, you can use the access() system call to check whether the user can read, write, and/or execute a specified path. access() uses the real user ID, not the effective user ID, so it will not use root’s permissions to perform this access check.

In either case, take care that you do not introduce a time-of-check/time-of-use (TOCTOU) vulnerability in this check. Remember, the object pointed to by a path may change at any time, even while your application is running. Symbolic links are a particular hazard here!

User contributions licensed under: CC BY-SA
2 People found this is helpful
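
An added example, not part of the original answer: one way to make the ownership check without the TOCTOU gap the answer warns about is to open the file first and check the owner on the descriptor with fstat(), then keep working with that descriptor. The helper name open_if_owned_by is hypothetical, and Linux behaviour for O_NOFOLLOW is assumed.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* O_NOFOLLOW, O_CLOEXEC, mkstemp */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open `path`, then check ownership on the descriptor.
 * Returns an fd for a regular file owned by `caller`, or -1 with errno set. */
int open_if_owned_by(const char *path, uid_t caller)
{
    struct stat st;
    /* O_NOFOLLOW: refuse a symlink as the final path component.
     * O_NONBLOCK: do not hang if the path names a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;

    /* fstat() describes the object we hold open, so replacing whatever
     * the path names afterwards cannot change the result of the check. */
    if (fstat(fd, &st) != 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    if (!S_ISREG(st.st_mode) || st.st_uid != caller) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;   /* keep using this fd; do not reopen the path */
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s FILE\n", argv[0]); return 2; }
    /* getuid() is the real UID: the user who ran the setuid binary. */
    int fd = open_if_owned_by(argv[1], getuid());
    if (fd < 0) { perror(argv[1]); return 1; }
    printf("%s is a regular file owned by uid %ld\n", argv[1], (long)getuid());
    close(fd);
    return 0;
}
```

O_NOFOLLOW only covers the last path component, which is why the owner is read from the open descriptor rather than from a second lookup of the path.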