Category Archives: Programming

Dropping root Privileges Permanently on Linux in C

If you would like to drop root privileges permanently on Linux using C:

#define _GNU_SOURCE  // for secure_getenv()


int drop_root_privileges(void) {  // returns 0 on success and -1 on failure
	gid_t gid;
	uid_t uid;

	// no need to "drop" the privileges that you don't have in the first place!
	if (getuid() != 0) {
		return 0;
	}

	// when your program is invoked with sudo, getuid() will return 0 and you
	// won't be able to drop your privileges
	if ((uid = getuid()) == 0) {
		const char *sudo_uid = secure_getenv("SUDO_UID");
		if (sudo_uid == NULL) {
			printf("environment variable `SUDO_UID` not found\n");
			return -1;
		}
		errno = 0;
		uid = (uid_t) strtoll(sudo_uid, NULL, 10);
		if (errno != 0) {
			perror("under-/over-flow in converting `SUDO_UID` to integer");
			return -1;
		}
	}

	// again, in case your program is invoked using sudo
	if ((gid = getgid()) == 0) {
		const char *sudo_gid = secure_getenv("SUDO_GID");
		if (sudo_gid == NULL) {
			printf("environment variable `SUDO_GID` not found\n");
			return -1;
		}
		errno = 0;
		gid = (gid_t) strtoll(sudo_gid, NULL, 10);
		if (errno != 0) {
			perror("under-/over-flow in converting `SUDO_GID` to integer");
			return -1;
		}
	}
	
	if (setgid(gid) != 0) {
		perror("setgid");
		return -1;
	}
	if (setuid(uid) != 0) {
		perror("setgid");
		return -1;	
	}

	// change your directory to somewhere else, just in case if you are in a
	// root-owned one (e.g. /root)
	if (chdir("/") != 0) {
		perror("chdir");
		return -1;
	}

	// check if we successfully dropped the root privileges
	if (setuid(0) == 0 || seteuid(0) == 0) {
		printf("could not drop root privileges!\n");
		return -1;
	}

	return 0;
}

I hope this would save you some time so that you won’t spend an hour like me, trying to find a proper solution!

The code is provided “as is”, without warranty of any kind, express or implied.

Sources

c – Dropping root privileges – Stack Overflow

man sudo (Sudo Manual)

Closed-Form Expression to Calculate n-th Fibonacci Number

A more interesting way to find nth Fibonacci number.

Fibonacci sequence is a prime example in teaching recursion to newcomers, and a great opportunity to brag if your language supports Tail Call Optimization, but it often goes unnoticed that there is a closed-form expression which lets us find the nth Fibonacci number with great ease and in much faster way. This article will present the expression, and explain -step by step- its derivation using high-school mathematics.

Continue reading

Using LLVM’s IR for semi-compiled packages

As many other things that comes into my mind between 1-3 AM, this is also a bit blurry.

I was thinking about the possibility of utilizing LLVM’s Intermediate Representation to pre-compile packages into an intermediate language which is high level enough, and yet with its dense bitcode representation, can easily shorten compile times by reducing the time that is spent on parsing, analyzing and intermediate code generation.

Distros such as Gentoo can benefit from to a great extent I believe, but as I don’t know how their system works, I can not elaborate about the details. Also any open source project, that doesn’t provide pre-built packages, can at least use this method to shorten build times of their users.

I’ll think about it, to come up with an idea.