From mboxrd@z Thu Jan  1 00:00:00 1970
From: Steve Grubb <sgrubb@redhat.com>
Subject: Re: getuid() vs. geteuid() in auditctl
Date: Tue, 20 Mar 2012 14:07:46 -0400
Message-ID: <201203201407.46778.sgrubb@redhat.com>
References: <CALnj_=7f-V+7UEJ_eDgtQFEDCpj5FALCLFk+s9e6H-nxjPJdFw@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <CALnj_=7f-V+7UEJ_eDgtQFEDCpj5FALCLFk+s9e6H-nxjPJdFw@mail.gmail.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Friday, March 16, 2012 05:50:56 PM Peter Moody wrote:
> line 1162 in auditctl.c has this:
> 
> #ifndef DEBUG
>   /* Make sure we are root */
>   if (getuid() != 0) {
>     fprintf(stderr, "You must be root to run this program.\n");
>     return 4;
>   }
> #endif
> 
> Is there any particular reason to use getuid() there as opposed to
> geteuid()? 

I suppose it doesn't matter. I never envisioned having a helper application, so 
that why its the way it is. Since we are optionally linking in libcap-ng, I 
suppose we could even check the capability rather than the euid. Also note that 
for certification purposes the file permissions are restricted.

-Steve

> In my particular case, we have a setuid helper that allows
> a normal user to run 'auditctl -l' (with a clean environment), and
> this prevents the setuid helper from working.