检查在Golang中应用程序是否以管理员身份运行

huangapple go评论84阅读模式
英文:

Check if application is running as administrator in golang

问题

在Google Go应用程序中,检查当前进程是否以管理员身份运行的最简单方法是什么?

英文:

In a Google Go application what is the easiest way to check if the current process is running as an administrator?

答案1

得分: 3

简短的回答是使用user.Current然而...

你需要找到一种方法,通过给定的user.User结构体,确定用户是否为root。这个问题你需要自己解决。更重要的是,你不应该将其用于安全目的。在不被运行程序的人欺骗的情况下,确定当前用户是否为root非常棘手。例如,在Linux上使用setuid二进制文件的天真实现将容易受到用户使用LD_PRELOAD来欺骗二进制文件以为自己正在以root身份运行的攻击。确保你要么a) 理解了这个方法的确切语义,并且确信用户无法绕过它(如果选择这条路线,你应该看看其他人是否已经找到了解决方法),要么b) 不要基于这个信息做出任何安全关键的决策。

英文:

The short answer is to use user.Current. HOWEVER...

You will need to find a way to, given the user.User struct, figure out whether the user is root. You'll have to figure that one out on your own. More importantly, you should not use this for security purposes. Figuring out whether the current user is root without being lied to by the person running the program is very tricky. For example, a naive implementation of this on Linux with a setuid binary would be vulnerable to the user using LD_PRELOAD to trick the binary into thinking it was running as root. Make sure that you either, a) understand the exact semantics of this and are convinced there is no way to circumvent it by the user (and if you choose this route, you should probably just see if others have figured it out), or, b) do not make any security-critical decisions based on this information.

huangapple
  • 本文由 发表于 2014年12月9日 04:28:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/27366298.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定