
Dropping root privileges in NodeJS doesn't seem to have an effect


I want to have root privileges on startup and drop them later. Background is a server written with NodeJS on Ubuntu 24.04 that needs to read in a private key. I followed these instructions using process.setgid() and process.setuid() and after that elevating privileges back doesn’t work.
But I saw that process.env wasn’t updated. It still shows user as root, but the fields SUDO_USER, SUDO_UID and SUDO_GID were added with correct values.
Curious, I tried to read a root-only file after dropping privileges and it still worked. I tried reading other root-only files and it worked.

So what am I doing wrong, or what am I forgetting? What’s the point in dropping root privileges when I can still read root-only files?
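
A privilege drop in Node.js that checks the kernel's view of the process afterwards, as an added example that is not part of the original post. The function name, the uid/gid arguments and the injectable `proc` parameter are assumptions of this example; the `process` calls are the standard POSIX-only Node.js ones.

```javascript
// Added example: drop root permanently and verify that the drop took effect.
// `proc` defaults to the real process object; it is a parameter only so the
// logic can be exercised without root (an assumption of this example).
function dropPrivileges(uid, gid, proc = process) {
  if (proc.getuid() !== 0) {
    throw new Error('not running as root, nothing to drop');
  }
  // Order matters: supplementary groups and gid must be changed while the
  // process is still root, because setuid() removes the right to change them.
  proc.setgroups([gid]);
  proc.setgid(gid);
  proc.setuid(uid);

  // Verify against the process credentials, not process.env: USER, HOME and
  // the SUDO_* variables are inherited strings that setuid() never updates.
  const state = {
    uid: proc.getuid(), euid: proc.geteuid(),
    gid: proc.getgid(), egid: proc.getegid(),
    groups: proc.getgroups(),
  };
  if (state.uid !== uid || state.euid !== uid ||
      state.gid !== gid || state.egid !== gid ||
      state.groups.some((g) => g !== gid)) {
    throw new Error('privilege drop incomplete: ' + JSON.stringify(state));
  }

  // A permanent drop must not be reversible: regaining uid 0 has to fail.
  let regained = false;
  try {
    proc.setuid(0);
    regained = proc.getuid() === 0;
  } catch (err) {
    // Expected: the kernel refuses once root has been given up.
  }
  if (regained) throw new Error('root could be regained after the drop');
  return state;
}
```

File descriptors opened before the drop stay usable afterwards, so a read-access test is only meaningful when it opens the file after `dropPrivileges()` has returned.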


