I was asked what the correct way to drop privileges in Linux is.

So here is a list of things I usually do when implementing an unprivileged sub-process:

  • fork
  • in some cases you would also want to do these:
    • clear the environment (leave only the required variables)
    • close all file descriptors (except the ones you need)
    • clear memory regions that are not supposed to be accessible by the child
    • change the inheritable capabilities
    • change namespaces or control groups
  • clear all supplementary groups
  • chroot, if it is used (I suggest using it)
  • setgid
  • setuid

In certain cases it may also be a good idea to call setsid() in the child, so that it becomes a session leader.
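The sequence above carried through in C, as an added example that is not part of the original post: the child is forked, the environment and descriptors are trimmed, a new session is started, and then groups, chroot, gid and uid are dropped in that order, finishing with a check that the drop cannot be undone. All function and struct names are the example's own, and the target uid/gid of 65534 and the chroot directory /var/empty are assumptions that need adjusting for a real deployment (the privileged part of main() needs root to succeed; the two self-checks run without it).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Keep only the named variables; everything else is removed from the
 * environment. Returns 0 on success, -1 if memory ran out. */
int clear_environment_keep(const char *const *keep, size_t nkeep) {
    char **saved = calloc(nkeep ? nkeep : 1, sizeof *saved);
    if (!saved) return -1;
    for (size_t i = 0; i < nkeep; i++) {
        const char *v = getenv(keep[i]);
        if (v && !(saved[i] = strdup(v))) {
            while (i--) free(saved[i]);
            free(saved);
            return -1;
        }
    }
    clearenv();                                 /* glibc: drop everything */
    for (size_t i = 0; i < nkeep; i++)
        if (saved[i]) { setenv(keep[i], saved[i], 1); free(saved[i]); }
    free(saved);
    return 0;
}

/* Close every descriptor not listed in keep[]. Returns how many were closed. */
int close_fds_except(const int *keep, size_t nkeep) {
    long maxfd = sysconf(_SC_OPEN_MAX);
    if (maxfd < 0) maxfd = 1024;
    int closed = 0;
    for (long fd = 0; fd < maxfd; fd++) {
        int skip = 0;
        for (size_t i = 0; i < nkeep; i++) if (keep[i] == fd) { skip = 1; break; }
        if (!skip && close((int)fd) == 0) closed++;
    }
    return closed;
}

struct drop_spec { const char *root; uid_t uid; gid_t gid; };

/* Order matters: setgroups() and chroot() need root, so they come first;
 * gid before uid, because after setuid() we could no longer setgid().
 * Finally prove the drop is real. Returns 0, or -1 with errno set. */
int drop_privileges(const struct drop_spec *s) {
    if (setgroups(0, NULL) != 0) return -1;
    if (s->root && (chroot(s->root) != 0 || chdir("/") != 0)) return -1;
    if (setgid(s->gid) != 0) return -1;
    if (setuid(s->uid) != 0) return -1;
    if (s->uid != 0 && setuid(0) == 0) { errno = EPERM; return -1; } /* must fail */
    if (getuid() != s->uid || geteuid() != s->uid ||
        getgid() != s->gid || getegid() != s->gid) { errno = EPERM; return -1; }
    return 0;
}

/* Self-checks that need no root: environment and descriptor isolation.
 * Both return 1 on success and 0 on failure. */
int check_env_isolation(void) {
    const char *const keep[] = { "EXAMPLE_KEEP" };   /* constructed names */
    setenv("EXAMPLE_KEEP", "yes", 1);
    setenv("EXAMPLE_DROP", "secret", 1);
    if (clear_environment_keep(keep, 1) != 0) return 0;
    const char *k = getenv("EXAMPLE_KEEP");
    return getenv("EXAMPLE_DROP") == NULL && k && strcmp(k, "yes") == 0;
}

int check_fd_isolation(void) {
    int p[2];
    if (pipe(p) != 0) return 0;
    pid_t pid = fork();                         /* fork first, as the post says */
    if (pid < 0) return 0;
    if (pid == 0) {
        const int keep[] = { STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO, p[0] };
        close_fds_except(keep, 4);
        /* the kept end is still valid, the other end is gone */
        int ok = fcntl(p[0], F_GETFD) != -1 &&
                 fcntl(p[1], F_GETFD) == -1 && errno == EBADF;
        _exit(ok ? 0 : 1);
    }
    int status = 0;
    close(p[0]); close(p[1]);
    return waitpid(pid, &status, 0) == pid && WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void) {
    /* Assumed target: uid/gid 65534 and an existing empty directory; needs root. */
    const struct drop_spec spec = { "/var/empty", 65534, 65534 };
    printf("env isolation: %s\n", check_env_isolation() ? "ok" : "FAIL");
    printf("fd isolation: %s\n", check_fd_isolation() ? "ok" : "FAIL");
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); return 1; }
    if (pid == 0) {
        if (setsid() < 0) perror("setsid");     /* new session, as the post suggests */
        if (drop_privileges(&spec) != 0) { perror("drop_privileges"); _exit(1); }
        printf("child now uid %u gid %u\n", (unsigned)getuid(), (unsigned)getgid());
        _exit(0);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

The capability, namespace and cgroup items from the list are left out here because they need libcap, unshare() or cgroup filesystem writes rather than plain libc calls; the point the code does make is that setgroups() and chroot() must happen while the process is still root, and that a successful setuid(0) after the drop means the drop was not real (for example, when only the effective uid was changed).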


Posted by HackMan
Dated: 10th July 2020
Filed Under: Uncategorized