checking disk space from c program
Stephen J. Friedl
friedl at vsi.UUCP
Mon Apr 11 03:26:34 AEST 1988
In article <3431 at csli.STANFORD.EDU>, gandalf at csli.STANFORD.EDU (Juergen Wagner) writes:
> Yes, there is a way to find out the space available on the file system
> a particular file resides on. The only problem is that you have to setuid to
> root to be able to read the disk device. Normal users will have to use df.
>
> Here comes a small program which does the job (usage: "d <file>" tells you
> the free space on the file system of <file>).
>
> [small program text here]
No comments on the code included, but you might not need to
make the program setuid root. Many systems have their disk
devices owned and grouped (grouped?) by other users.
0 brw-r----- 1 root sys 17, 16 Jun 27 1987 /dev/dsk/c1d1s0
If you are writing your program to include this code, look at
the group (and mode, of course) to see if you can exploit a
lesser id. In the above example, the program could be set-group-id
`sys' rather than set-user-id `root'. Better from a lot of points
is to just popen("df") (or the sample "d" program) and read the
output; then the program is still safe and effective.
Please do not take setuid or setgid lightly. You may be writing
for some small single-user machine (your Unix PC, an AT with
uport, etc.), but you will move on someday. Or, perhaps, you
will submit your program to the net and lots of other people on
more lively machines will use it. If you make it a habit to not
put in security holes when it doesn't matter, then you will be
that much farther ahead when it does matter. BTW, portability
works the same way...
I welcome all questions on setuid/setgid topics via email.
--
Steve Friedl V-Systems, Inc. "Yes, I'm jeff at unh's brother"
friedl at vsi.com {backbones}!vsi.com!friedl attmail!vsi!friedl
More information about the Comp.unix.questions
mailing list