Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

better start-up avoiding sudo #71

Closed
mcku opened this issue Aug 18, 2018 · 5 comments
Closed

better start-up avoiding sudo #71

mcku opened this issue Aug 18, 2018 · 5 comments

Comments

@mcku
Copy link

mcku commented Aug 18, 2018

Story: My kids wanted to start steam and play games on my laptop without starting bumblebee, entering password for sudo, etc. I was looking for a way for how to improve this and one of a sudden I came across nvidia-xrun, which is the way I wanted to run graphical programs on my asus rog laptop, with optimus card. I have begun using nvidia-xrun, which runs perfectly. However, starting it requires sudo operation. Therefore it would be nicer to have setuid kind of alternative to start the script. Also, typically no one invokes sudo during login, even though privileged apps run in the background.

I think setuid is a good fit and it is ok for me to compile a binary, setuid it and start the nvidia-xrun session using the binary. It will help my kid to enter only the following:

nvidia-xrun-setuid-root startxfce4

nvidia-xrun-setuid-root.c:

#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <string.h>

int main(int argc, char *argv[]) {
    char buf[256];
    setuid(geteuid());
    snprintf(buf, sizeof buf, "nvidia-xrun %s", argv[1]);
    printf("Executing as root: %s\n", buf);
    system(buf);
}

Just an idea, in case anyone needs it, or you may improve and enhance your product!
@xiamaz
Copy link

xiamaz commented Aug 21, 2018

This is almost the same as passwordless sudo

@mcku
Copy link
Author

mcku commented Aug 24, 2018

Passwordless sudo requires sudo privilege granted to the user. With setuid, "kind-of" sudo privilege is granted to the app. Please note that nvidia-xrun is a bash script. If it were an executable binary with proper setuid, an approach like above would avoid password requirement, without sudo.

@ExoticMatter
Copy link

You don't need permission to use sudo; you need permission to run commands with sudo.

The main problem here is that you nvidia-xrun doesn't let you run it as root. But if you extract the parts of nvidia-xrun that need sudo to a different script (see b142b00, #87), you can allow all users to run the extracted script with sudo by whitelisting it in your sudoers file:

%users ALL=(root) NOPASSWD:/usr/bin/nvidia-toggle

This line grants all human users the right to sudo nvidia-toggle [args...], and nothing more, even if they can't sudo anything else. For example, little Johnny still can't sudo rm -rf / your computer, and he also can't trick sudo into running something else if the full path is provided.

@lilydjwg
Copy link

lilydjwg commented Apr 8, 2019
edited
Loading

Passwordless sudo requires sudo privilege granted to the user. With setuid, "kind-of" sudo privilege is granted to the app.

Nope. Your code almost grants root permissions to run any command to anyone who tweaks enough. suid binaries are hard to be safe, and some distributions persuing safety try very hard to remove all suid binaries.

@Witko
Copy link
Owner

Witko commented May 3, 2019

Hi Guys, here i agree with @ExoticMatter , there is a plan to do it as he suggests.

@Witko Witko closed this as completed May 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@lilydjwg @Witko @xiamaz @ExoticMatter @mcku