[NCLUG] Need to write to non-owned file

Bob Proulx bob at proulx.com
Fri May 11 19:14:32 MDT 2007


Stephen Warren wrote:
> bsimpson at att.net wrote:
> > I am writing a C++ application that must read a file, alter it,
> > then write it back out.  This file may be owned by another user,
> > and be writable only by that user.  In this case I display a
> > popup to enter that user's password.  Once I have that password,
> > how do I write to that user's file?
> ...
> The answer is that you don't actually want to do this. Really.

Seconded.  And the voices in my head also agree.

> > In a shell environment, it's easy to switch users.  I need to do
> > that within an application.

I feel very confident of my shell programming skills and yet thinking
about how to do this in the shell leaves me with many problems to
solve.  I don't think it is quite as easy there as it might appear at
first glance.  Many subtle things to think about.

> Equally, you probably don't want your program to read the user's
> password and authenticate the user; it's a pain. It would require (at
> least part of) your program running as root, calling a bunch of complex
> APIs like setuid/seteuid/setgid/setegid, and probably a bunch of other
> complex stuff.

Yes.  Very messy.

> Instead, you're probably better off spawning a copy of su/sudo/login
> (possibly within a spawned xterm etc. if it's a GUI app) and having that
> prompt the user for the password, and running a command to write/edit
> the file.

If, and only if, that were appropriate then look into using 'sudoedit'
which comes with sudo.  (You mentioned sudo but let me call out
sudoedit specifically by name.)  It can be used to automate this
process somewhat.  In fact it may actually be able to do everything
that you want it to do just by itself.  Either interactive editing or
a batch editing such as the following.

  VISUAL='perl -pi -e "s/this/that/' sudoedit -u USER SOMEFILE

But I did not test it.

Bob



More information about the NCLUG mailing list