Ensure that root user is running the client program that is trying to connect the server program

I have a server program which listens on a particular port. I have a req开发者_运维知识库uirement where client program that tries to connect to my server must be initiated by a root user. How do I ensure this in the server program?

How do I ensure [anything about the client program] in the server program?

You can't. If your security model requires the server to know whether client is root, you don't have security.

Let's consider one possibility: your network protocol includes a notification like this:

My-Uid-Is: 0

Your client, the perfectly secure version that you wrote, might implement this notification like this:

fprintf(socketFd, "My-Uid-Is: %d\n", getuid()); // send server my identity

But, my client, the one what I wrote without your knowledge or consent, will implement the notification like this:

fprintf(socketFd, "My-Uid-Is: 0\n"); // lie to server about my identity

Pop quiz: how can your server know whether it is talking to your truthful client, or my lying client? Answer: it can't. In fact, if you generalize this concept, you realize that the server can't rely upon the validity (whether that means the truthfulness, the format, the range-checking, etc.) of anything the client says.

In this specific case, using the clients source port number is as unreliable as any other choice. Yes, many operating systems require root privileges to bind to low-numbered source ports. But my PC might not be running your favorite operating system. I might be connecting from my own PC running my own OS which doesn't have that feature. Remember: you can't trust anything the client says.

There are techniques involving public-key encryption that can be used to guarantee that the program you are talking to has access to specific secrets. That, assuming that the secrets are adequately protected, can be used to guarantee that a specific person, computer, or account generated the request. I'll let someone else discuss PKI and how it might apply to your situation.

The client should bind to a port below 1024 before connecting. This port range is reserved for root.