Interesting suid problem

I have a situation where I am using GTK as
a frontend for a databse we have. Everything
is fine except for the fact that I want to
keep the database password secure. I do
not want to store it in the program for
obvious reasons so I thought I would save
it in an external file and have the program
read it on startup. The only decent way that
I know of to do this have a special user
which can read the file and have the program
setuid to run as that user. However, gtk
doesn't like being run setuid. I looked
at the setuid page because it says:

"You must create a helper program instead.
For further details, see:";

However, the only mention on this page of
a helper program would require me to practically
rewrite my entire application which is
unacceptable. The only information my application
receives is from the database and the password

I don't like setuid applications as much
as the next person, but I need to be able
to secure the password file while being
able to use and write this application in
a feasible manner.

If anyone else has a suggestion for solving
my problem, please let me know (as long as
it's not rediculous like the solution on
the suid page. Otherwise, is there a way
to work around this warning?

Jeff Shipman           E-Mail: jeff nmt edu
Systems Programmer     Phone: (505) 835-5748
NMIMT Computer Center

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]