Root Priveleges at user level

Hello,
I am doing some embedded programming developing applications in linux. I have to do some low level port i/o in my application.

I am using inb/outb commands for which I am using iopl(3) to get access to these ports.

My question is, I am able to do these i/o operations as root and not as a user. Is there anyway that my program runs when I login as a user. I tried setuid(0). It didnt work. I am getting the same segmentation fault.

Any help is appreciated.


Thanks,
Phani Piratla.
dinkareceAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dinkareceAuthor Commented:
I think I solved the problem.

I su 'd to root and then compiled the program
and then executed
chmod u+s oct_raw

and then exit out of the root privileges.


It works like charm.....

Thanks anyways,
Phani.
0
dinkareceAuthor Commented:
hmm...

I think I was still under su and thats the reason it worked. I realized that when I restarted the machine and logged in as a user and then tried to execute that program. Then I realized that it is still not working. Any help is appreciated.


Thanks. :(
0
manav_mathurCommented:
dinkarece,

I believe you have to 'setuid' your program after logging in as root.

Manav
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

de2ZotjesCommented:
In your original post you state: I am getting the same segmentation fault.

What segmentation fault, and the same as under what other conditions?

Basically what you ae doing is correct: make the program owned by root and setuid.
If you do that there is no need to make setuid(0) calls inside your code because the whole program is being run as root.

Well behaved programs that are setuid however immediately drop as many privileges as possible after being started and only revert back to root-level for the "critical" section. That way you try to reduce the risk of a breakin through your setuid-program.
0
dinkareceAuthor Commented:
Thank you guys for responding me.

I guess I figured out the source of my problem.
I have a module that I have to load in my setup.

./modload 9054

when I execute the above command as a user, I get the following error.

mknod: `/dev/plx/Pci9054' : Operation not permitted

If I execute or su to root, everything is fine.

This is the problem I was having as a user.  I have the invocation of this command inside my "modload" file. I also see some comments in the file saying that I have to execute this as a root or as a user with root privileges.

So, can't I not execute mknod as a user?


Thanks for your response.


0
de2ZotjesCommented:
Most  likely in this case is that the /dev directory rescricts the rights of non root users. Which is a good idea by the way! Creating nodes in that subdirectory might trick programs into trusting the underlying devices.

Generally it is considered normal to execute this sort of stuff (loading modules, creating nodes, etc) as root. After all if you can load a module into the kernel you own the system. You should be root to do that!

For your actual question: So, can't I not execute mknod as a user?
You can execute it as an user, it is done on a regular basis for example when you create named pipes. It does not appear to be possible to create block or char devices when you are a mere user. Why that is I cannot tell straight away, we would need to check the code for mknod :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux OS Dev

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.