Privilege elevation on Linux

Posted: 2008-02-10 09:31pm
by Durandal
So I'm curious about something, and I haven't been able to find any documentation on it with a round of Googling. What's the generally-recommended method for elevating privileges on Linux?

I'm sure it varies from distro to distro, but say the user is working in a GUI app (launched as a normal user), and that GUI app needs to write to a location that only root can write to. What should the developer do? Spawn a setuid-root helper process? Is there an API for this sort of thing in most distros? I haven't found any documentation on this specific problem.

Posted: 2008-02-10 10:38pm
by phongn
I read about PolicyKit on Ars a short while ago, and that may end up being the standardized method for fine-grained, secure privilege escalation. Other than that, though, I think you may well be limited to a helper process and then using IPC. HAL and NetworkManager do that, IIRC.

Posted: 2008-02-11 06:19am
by Pu-239
Admin tools on GNOME generally use gksudo to either launch a helper or relaunch themselves, asking for the root password and running w/ root privileges. Another option would be to add the user to a group and make the file restricted to that group if it's not important that write access be restricted.

Posted: 2008-02-11 10:19am
by RThurmont
Kdesu is the KDE equivalent of gksudo. Neither is Linux-specific; they'll run on any system that KDE and GNOME run on (with Sudo, of course).

Posted: 2008-02-12 02:46pm
by Pu-239
It's probably best to use the GUI implementations of su/sudo like gksudo or gksu, since then you don't have to bother asking for the password yourself (which is liable to introduce security holes).

Posted: 2008-02-12 07:45pm
by Chris OFarrell
A big question is going to be how often this program is going to be needing to do its operations it needs to be root. If it's one or two times, and it only is doing minor stuff as root, that it just has to be root because of the security model, then by all means have something like the GUI sudo stuff, or spawning a child that can do it.

But if it's going to be doing a LOT of work as the super user, then you might consider making the program only something a high level user can run...
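
The helper-process-plus-IPC approach raised in this thread, sketched in C as an added example (not code from any poster, and not how PolicyKit, gksudo or kdesu are implemented). The wire format and the names `request_write`, `helper_serve` and `name_ok` are hypothetical; in a real deployment only the helper would run as root and the GUI would stay unprivileged, whereas here both sides run as the same user so the example works without root.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical wire format: one packet "<name>\n<data>"; reply is one status byte. */
enum { REQ_OK = 0, REQ_REFUSED = 1, REQ_MAX = 512 };
/* Helper side: accept a bare file name only (no '/', no leading '.', so no ".."). */
static int name_ok(const char *name) {
    return name[0] != '\0' && name[0] != '.' && strchr(name, '/') == NULL;
}
/* Helper side: serve one request; the only writable location is inside dirfd. */
static void helper_serve(int sock, int dirfd) {
    char buf[REQ_MAX], status = REQ_REFUSED, *data = NULL;
    ssize_t n = recv(sock, buf, sizeof buf - 1, 0);
    if (n > 0) { buf[n] = '\0'; data = strchr(buf, '\n'); }
    if (data != NULL) {
        *data++ = '\0';   /* split "<name>" from "<data>" */
        /* O_NOFOLLOW refuses a symlink planted at the target name. */
        int fd = name_ok(buf) ? openat(dirfd, buf,
                     O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644) : -1;
        if (fd >= 0) {
            if (write(fd, data, strlen(data)) == (ssize_t)strlen(data)) status = REQ_OK;
            close(fd);
        }
    }
    send(sock, &status, 1, 0);
}

/* GUI side: 0 = helper wrote the file, 1 = helper refused, -1 = transport error. */
int request_write(const char *allowed_dir, const char *name, const char *data) {
    char msg[REQ_MAX], status = REQ_REFUSED;
    int sv[2], len = snprintf(msg, sizeof msg, "%s\n%s", name, data);
    if (len < 0 || len >= (int)sizeof msg - 1) return -1;
    if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) {   /* child stands in for the privileged helper */
        close(sv[0]); helper_serve(sv[1], open(allowed_dir, O_RDONLY | O_DIRECTORY));
        _exit(0);
    }
    close(sv[1]);
    int ok = send(sv[0], msg, (size_t)len, 0) == len && recv(sv[0], &status, 1, 0) == 1;
    close(sv[0]); waitpid(pid, NULL, 0);
    return ok ? status : -1;
}
```

The helper never trusts a path from the unprivileged side: it takes a bare name, resolves it relative to one directory it opened itself, and reports only success or refusal.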