Use Java fork privilege

Java

I am writing a server program in Java that allows users to submit jobs using drmaa Although the main server process runs as root, all it does is authenticate the user, then start another Java program running as the user, and actually complete the work to comply with the principle of minimizing permissions Initially, I used runtime Exec () and sudo (the following example) do this. This works normally until the process is tampered with. At this time, sudo is frustrated because there is no terminal

String[] command = {"sudo","-i","-u",username,java,theOtherJavaProgram};
Runtime.getRuntime().exec(command,null,getHomeDirectory(username));

What is the best way to execute this forked privilege pattern in Java when running as a daemon? Is there a way? Do I have to break C and learn how to create a JVM using JNI?

Solution

You can replace sudo (8) with Su (1) Su (1) is less involved and may not want the terminal itself (of course, if your PAM configuration requires Su (1) terminal input, this may not be good.)

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>