Forum > Embedded - ARM

calling internal procedures/functions with root rights - not external calls

(1/2) > >>

ThomasK:
Hi,

is there a way to start pascal functions/procedures with root rights? I want to work with libsocketcan and some calls need root rights.

Thanks.

ccrause:
Apparently not: https://stackoverflow.com/questions/60074468/elevate-privileges-of-running-process

One alternative may be to launch a process/daemon with the necessary privileges, then use some communication channel (e.g. socket) to request the privileged information from the user mode process.

Edit: OK, you mentioned no external calls, that seems to be a deal-breaker.

MarkMLl:

--- Quote from: ThomasK on May 27, 2021, 07:38:26 pm ---is there a way to start pascal functions/procedures with root rights? I want to work with libsocketcan and some calls need root rights.

--- End quote ---

Yes, you use POSIX capabilities. You need to add the necessary capabilities to the binary at the end of the build hence https://bugs.freepascal.org/view.php?id=38608 , and once you've opened the socket or whatever you're strongly advised to relinquish root and all extra capabilities so that an attacker can't exploit your code. A complicating factor is that since capabilities are stored in EAs, they're lost if a file is copied/moved/archived so will need to be reapplied, that might mean that the end-user will need root access to his system which might not always be available.

MarkMLl

ThomasK:
Understood.

So this is not a good idea.

Anyway, if everything in Linux is a file O:-), is there a way to grant the user root access rights to the 'file' canx?

Thanks and Best Regards,

Thomas

MarkMLl:

--- Quote from: ThomasK on May 28, 2021, 06:04:54 pm ---Understood.

So this is not a good idea.

--- End quote ---

It's a perfectly good idea, all you have to do is RTFM.

MarkMLl

Navigation

[0] Message Index

[#] Next page

Go to full version