Interesting suid problem

From: Jeff Shipman - SysProg <jeff nmt edu>
To: gtk-list gnome org
Subject: Interesting suid problem
Date: Thu, 21 Feb 2002 10:59:25 -0700 (MST)

I have a situation where I am using GTK as
a frontend for a databse we have. Everything
is fine except for the fact that I want to
keep the database password secure. I do
not want to store it in the program for
obvious reasons so I thought I would save
it in an external file and have the program
read it on startup. The only decent way that
I know of to do this have a special user
which can read the file and have the program
setuid to run as that user. However, gtk
doesn't like being run setuid. I looked
at the setuid page because it says:

"You must create a helper program instead.
For further details, see:
http://www.gtk.org/setuid.html";

However, the only mention on this page of
a helper program would require me to practically
rewrite my entire application which is
unacceptable. The only information my application
receives is from the database and the password
file.

I don't like setuid applications as much
as the next person, but I need to be able
to secure the password file while being
able to use and write this application in
a feasible manner.

If anyone else has a suggestion for solving
my problem, please let me know (as long as
it's not rediculous like the solution on
the suid page. Otherwise, is there a way
to work around this warning?

Jeff Shipman           E-Mail: jeff nmt edu
Systems Programmer     Phone: (505) 835-5748
NMIMT Computer Center  http://www.nmt.edu/~jeff

Follow-Ups:
- Re: Interesting suid problem
  - From: Sven Neumann
- Re: Interesting suid problem
  - From: Havoc Pennington
- Re: Interesting suid problem
  - From: Vincent Arkesteijn

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]