Best way to gain root privileges

John Pinner funthyme at gmail.com
Fri Feb 18 09:44:48 EST 2011


On Feb 17, 3:32 pm, GSO <gso... at yahoo.co.uk> wrote:
> > I'm having an awfully hard time figuring out why a home CCTV
> > application might need privilege at all.  Are you sure you really need
> > privilege?  It sounds to me like there may be some larger design
> > issues mandating the need for privilege when it's not really
> > necessary.
>
> A user login should only be able to view the footage.  It's important
> that a user login cannot delete any images/video.  This much can be
> done with ACL - but having said that a user login would still be able
> to copy the images/video, so ACL would work but is not ideal - I could
> prevent copying with raised privileges.  If I were to allow a user to
> archive footage without using an admin login then that would require
> ACL with write access, which is out of the question.

Your original question was:

I'm sure this question is as old as time, but what is the best way to
gain root privileges?  (Am using Python 2.6.5, pygtk2 v2.16, Gtk
v2.18.9, on RHEL6.)

To which I would say, redesign the app so that you do not need root
privileges. There has been plentiful advice in this thread already,
but I would add:

Now that you've said what the requirement is, why don't you work with
the OS instead of against it?

Linux and, to a lesser extent, Unix have the ability to set 'setuid',
'setgid' and 'sticky' bits on a directory's permissions, so if, for
example, the setgid bit is set, then all files created in that
directory will belong to the group owning the directory. The sticky
bit ensures that only the super user or the file owner may delete a
file in the directory. See the chmod manual entry - man chmod - for
details. You would need to be root to set this up initially.

I think that using this mechanism, together with an appropriate umask
or mode setting, should satisfy your requirements, without potential
security breakages.

Best wishes,

John
--
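The directory setup described in the message above, as an added example that is not part of the original post: it builds a setgid + sticky directory in a temporary location, creates a file under a restrictive umask, and reports the resulting modes. The directory name `footage`, the file name `cam0.jpg`, the mode `3770` and the umask `027` are assumptions chosen for illustration.

```python
import os
import stat
import tempfile

DIR_MODE = 0o3770   # setgid (2000) + sticky (1000) + rwx for owner and group
FILE_UMASK = 0o027  # new files: no group write bit, nothing for others


def audit_dir_mode(mode):
    """Return the problems that break the scheme for a given directory mode."""
    problems = []
    if not mode & stat.S_ISGID:
        problems.append("setgid missing: new files keep the creator's group")
    if not mode & stat.S_ISVTX:
        # With sticky set, only the file owner, the directory owner or root
        # may unlink or rename an entry.
        problems.append("sticky missing: any writer to the dir can delete files")
    if mode & stat.S_IWOTH:
        problems.append("world-writable: users outside the group can add files")
    return problems


def demo():
    """Build the directory in a temp location and create one file in it."""
    old_umask = os.umask(FILE_UMASK)
    try:
        with tempfile.TemporaryDirectory() as base:
            footage = os.path.join(base, "footage")   # hypothetical name
            os.mkdir(footage)
            # Set the special bits explicitly; chmod is not filtered by umask.
            os.chmod(footage, DIR_MODE)
            clip = os.path.join(footage, "cam0.jpg")  # constructed sample file
            fd = os.open(clip, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
            os.close(fd)
            d, f = os.stat(footage), os.stat(clip)
            return {
                "dir_problems": audit_dir_mode(d.st_mode),
                "file_mode": stat.S_IMODE(f.st_mode),
                "group_inherited": f.st_gid == d.st_gid,
            }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    print(demo())
```

In a real deployment the directory would also be given a dedicated group with `chown`/`chgrp`, which is the step that needs root at setup time.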