I want a user-privileged (not root) process to launch new processes as user "nobody". I've tried a straight call to setuid that fails with -1 EPERM on Ubuntu 8.04:
#include <sys/types.h>
#include <unistd.h>
int main() {
setuid(65534);
while (1);
return 0;
}
How should I do this instead?
As far as I know, you can't unless you're root or have sudo set up to allow you to switch users. Or, you can have your executable have the suid bit set up on it, and have it owned by nobody. But that requires root access too.
You will require assistance and a lot of trust from your system administrator. Ordinary users are not able to run the executable of their choice on behalf on other users, period.
She may add your application to /etc/sudoers with proper settings and you'll be able to run it as with sudo -u nobody. This will work for both scripts and binary executables.
Another option is that she will do chown nobody and chmod +s on your binary executable and you'll be able to execute it directly. This task must be repeated each time your executable changes.
This could also work for scripts if you'll create a tiny helper executable which simply does exec("/home/you/bin/your-application"). This executable can be made suid-nobody (see above) and you may freely modify your-application.
Hope it helps,
The 'nobody' user is still a user. I'm not sure what your reasoning is in having the program run as nobody, it's not going to be adding any additional security. You're more likely to open yourself to other problems.
I'd follow squadette's recommendation of using a helper application.