I was learning homebrew by using it to install some applications. Homebrew downloads source, and compiles applications which appear in your home folder. All of its operations occur in the home folder, limiting any damage it or you can cause and making it easy to toss an application you do not need.
Homebrew has very verbose output and creates an very compressive log of its actions so it is easier to follow along with what it is doing, and how the whole process works. I chose to install htop figuring it was small and command line so it would be rather simple. It was not bad, but it did have more dependencies than I would have thought.
When the install finished there was message. "htop does not have access to running system processes, so to include system processes in the output please run "sudo htop." I understand that since it is running from my home folder it would have no more privileges than I do. And running htop and sudo htop does indeed provide different output.
If htop is installed via a package manager (or included in the OS install) there is no difference between htop and sudo htop. Which leads me to wonder why htop running without elevated privileges can access root processes on any install. Is that a security hole waiting to be exploited? But top and men also access root processes, so it seems Linux must have some mechanism to grant some rights to applications, while insuring these applications do not lead to exploits.
Compiling & Installing htop with homebrew
Re: Compiling & Installing htop with homebrew
OH yeah, there's several ways of doing it. You can do it with the SUID on the executable itself, or with group permissions and SGID. There's other ways as well, but those are by far the easiest 2.
A good example that should be on all modern Linux systems is the /usr/bin/passwd file. Due to it needing to modify /etc/passwd and /etc/shadow when invoked, it MUST run with root privelages. So if you look at it, it's got the SUID for the executable (notice it's not rwxr-xr-x, it's rwsr-xr-x)
A good example that should be on all modern Linux systems is the /usr/bin/passwd file. Due to it needing to modify /etc/passwd and /etc/shadow when invoked, it MUST run with root privelages. So if you look at it, it's got the SUID for the executable (notice it's not rwxr-xr-x, it's rwsr-xr-x)
Code: Select all
.rwsr-xr-x 63k root root 7 Feb 2020 passwd
Re: Compiling & Installing htop with homebrew
Thanks for the explanation. The concept behind permission is fairly plain and straightforward. The implementation of them can be complex and bewildering. On the AIX system there was a GUI for handling users and groups, and it was was nicely laid out with excellent documentation. Permissions are very powerful. I dealt with just users and groups and until the other night I am sure I never gave a moments thought as to how or even if applications would use permissions and I just incorrectly guessed that permissions for application would just be whatever permission the user calling the application had.