How to create file as another user via C/C++ in Linux?
Question
Linux C/C++ has open or fopen API, but created file are belong to process uid.
If we want to change owner/group of this file, we can use chown or fchown API after file created.
But, is there one API for creating file as another user, not two API ?
2 answers
solution1
2 ACCPTED 2019-08-15 01:57:37
There is no Unix api dedicated for that, but you can change the current user to other user before create the file, such as:
Make sure you have permission. The current effective user must be "root" OR set user or group ID on executable file.
Call
setgidandsetuidto other user.Create the file.
Call
setuidandsetgidto old user if required.
Because the user is process-wide, if your program is multi-threaded, you may need to fork a child process doing the steps I listed before.
But if you want non-root user (such as nobody) to run your program, you can give the permission to your executable file:
sudo chown root:root ./your_app && sudo chmod gu+s ./you_app
Now you can call setuid(0) and setgid(0) to acquire root permission.
solution2
1 2019-08-15 01:22:19
It's not possible in Linux.
Allowing this could cause some subtle security bugs (remote code execution, destroying files of other users, etc.) and therefore is not allowed.
Instead, please just run the process under sudo .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.