Which user should the embedded application run as?

Question

We have an embedded linux product with an application which lets the user change different settings through the menu system. These settings include IP address/DHCP and time.

We now run this application as root but this feels wrong, letting the user directly interact with a process run as root.

Which user should we use?

If not root, how do we accomplish the permission issues that arise?

EDIT: The product does not have a graphical user environment in the classical Gnome/KDE fashion. The menu system mentioned is implemented on an LCD panel on the product itself.

Answer 1

This assumes that you're running GNOME.

1) Do what the program "Users and Groups" does. It allows you to see the current settings but requires you to unlock the advanced settings such as managing other users.

2) Use gksu extensively.

Answer 2

If strict controls are applied to input, there is nothing wrong to run an embedded application as root on Linux.

Anyway, when the underlying OS is something like VxWorks, applications run with maximum privileges as well.

Answer 3

If the application is the main part of the system, then it makes sense to run it as root. However, even if there is some extra work, it is worthwhile to uncouple your application with your GUI, so your GUI can run with as a normal user. This can also help you automate your tests.

Answer 4

I would split the code into parts. Create a user for your interface code. You could name it "interface." Then have it call into root via a daemon or sudo to actually execute the changes that require root. Limit the access so that only approved commands can be run.

Answer 5

I think the question is: what would happen if something goes wrong? I assume the product would just crash and hang or misbehave in any case? The concept of root vs regular user really only applies if there is something that not being root can protect against... which if all you have is a fixed UI does not seem to be the case.