Possible to Create a User in a Program

I would like to know if it possible to add a user to a Unix system within a program that does not require root privelege. I would like to do this using Java if possible.
andrewmchorneyAsked:
Who is Participating?
 
festiveCommented:
Jlevie is quite correct: unix uses a heirachical permissions model, which gives only the superuser (or equivalent account) access to administrative functions such as adding new accounts.

I have done exactly what you are talking about in the following way:

I have created a Java Application (NOT APPLET - due to applet security restrictions) which talks to a native method (small c program).

The server (Java) does not need or warrant setuid (root) priviledges, so it runs as "nobody", and the c program after being compiled runs as SETUID root.

Care must be taken to ensure the following:
1) that the setuid program is not executable by anyone but the server process etc.

2) that there is some authentication for the account ( ie a checksum/key etc) we use a key and an LFSR (Linear Feedback Shift Register) to validate requests). Ideally all requests and responses to the program should be encrypted with one-time synchronised keys or public key encryption (ie the main program has a public and private key, and the c program has the same)

3) the account should be setup so that no one can log into it (through any services) and strong controls/SSL should be used if it is to be internet/intranet deployed.

Hope this helps
0
 
jlevieCommented:
Yes, it's possible to progamatically add a users, and no, you can't do it without root privs. Either the main task must have root privs or the external commands that the task could call would have to have root privs.
0
 
andrewmchorneyAuthor Commented:
Suppose I have a Java application that would like to create a new user after a user id and passeord was entered in the screen. Could the Java application execute commands or a program that require root priveleges without the Java program running as root.

I would think that an average user application could not start up a program that requires root priveleges.

0
 
andrewmchorneyAuthor Commented:
Suppose I have a Java application that would like to create a new user after a user id and passeord was entered in the screen. Could the Java application execute commands or a program that require root priveleges without the Java program running as root.

I would think that an average user application could not start up a program that requires root priveleges.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.