Manual Reference Pages  -  PRIV_EXECVE (3)

NAME

priv_execve - execute program as a given user and in a given chroot jail

CONTENTS

Synopsis
Description
Files
Bugs
Todo
Author

SYNOPSIS

#include <privman.h>

int priv_execve(const char *program, char * const argv[], char * const envp[], const char *user, const char *chroot);

DESCRIPTION

priv_execve() executes the program pointed to by program.

See execve(2) for more details about the program, argv, and envp parameters.

As an important note, the execve will actually occur in a new slave process, so changes made to the process context in the local process, like limits, will not affect it. The new program will not have any access to the privilege manager, although if the user provided to priv_execve is "root" that little detail won’t be relevant.

program must be in the name-space provided by chroot, as the execve call is made after the chroot call. chroot should be an absolute path. Setting up a proper chroot jail for the process to run in is not simple, as the process must also be able to link inside the jail. If NULL is passed as chroot, the directory "/" will be used.

user will be looked up via getpwent, and so should probably be in the password file. The user is looked up before the chroot. If NULL is passed as user, the default unprivileged user (normally "nobody") will be used.
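
The ordering described above (resolve the user first, then chroot, then drop privilege, then execve in a child process) can be sketched with plain POSIX calls. This is an added example, not Privman's code: resolve_target(), jailed_execve() and struct jail_target are hypothetical names, "nobody" is assumed as the default user, and the child here is forked from the caller rather than from a privilege manager.

```c
/* Added illustration, not Privman source. chroot() needs root to succeed. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct jail_target { uid_t uid; gid_t gid; const char *dir; };

/* Apply the documented defaults and resolve the user BEFORE any chroot,
 * while the real password database is still reachable. Returns 0 or -1. */
int resolve_target(const char *user, const char *dir, struct jail_target *t)
{
    struct passwd *pw;
    if (dir == NULL)
        dir = "/";                          /* NULL chroot means "/" */
    if (dir[0] != '/')
        return -1;                          /* chroot must be an absolute path */
    pw = getpwnam(user ? user : "nobody");  /* assumed default user name */
    if (pw == NULL)
        return -1;
    t->uid = pw->pw_uid;
    t->gid = pw->pw_gid;
    t->dir = dir;
    return 0;
}

/* Run program in a child: chroot, drop groups/gid/uid, then execve.
 * program is resolved inside the jail. Returns the wait status, or -1. */
int jailed_execve(const char *program, char *const argv[], char *const envp[],
                  const char *user, const char *dir)
{
    struct jail_target t;
    pid_t pid;
    int status;
    if (resolve_target(user, dir, &t) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        /* Any failure exits the child rather than running with privilege. */
        if (chroot(t.dir) != 0 || chdir("/") != 0 ||
            setgroups(1, &t.gid) != 0 || setgid(t.gid) != 0 ||
            setuid(t.uid) != 0 || (t.uid != 0 && setuid(0) == 0))
            _exit(126);
        execve(program, argv, envp);
        _exit(127);                         /* execve only returns on error */
    }
    return waitpid(pid, &status, 0) == pid ? status : -1;
}
```

The supplementary groups are reset before setgid() and setuid() because those calls are no longer permitted once the uid has been dropped, and the final setuid(0) probe confirms that root cannot be regained.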

FILES

${prefix}/etc/privman.d/appname
The application’s configuration file. See privman_conf(5) for more details. To use priv_execve, the configuration file will have to set allow_rerun to a true value.

The configuration file will also need to list any target users in run_as user statements.

BUGS

Given the issues in verifying the arguments, then executing, race conditions are likely. The method should fail (causing the program to exit) if the environment changes unsuitably rather than give up privilege, but the method will be unable to return an error code to the calling process.

TODO

Remove this method.

AUTHOR

Network Associates. Send email to <privman@nailabs.com>

SEE ALSO

priv_bind(3) priv_daemon(3) priv_fopen(3) priv_fork(3) priv_init(3) privman_conf(5) priv_open(3) priv_pam(3) priv_rerunas(3) privman(7)
Unix PRIV_EXECVE (3) SEPTEMBER 2002
