Consider this scenario where User-A and User-B, both non-root users, are running inside a server.

User-A is running different programs P1 (pid-2814) and P2 (pid-2815), whereas User-B is running different programs M1 (pid-3810) and M2 (pid-3811).

Process P1 of User-A and Process M1 of User-B are using OpenSSL.

When User-A executes this command:

lsof | grep '/usr/lib/libcrypto.so.1.0.0.1'

the output shows that Process P1 is using OpenSSL.

P1       2814  User-A  mem       REG        8,6  1633692    3812058 /usr/lib/libcrypto.so.1.0.0.1

The above command does not display that Process M1 of User-B is also using OpenSSL.

When User-A executes the command below:

sudo lsof | grep '/usr/lib/libcrypto.so.1.0.0.1'   # This is valid ONLY when User-A has sudo permission

it displays that Process P1 of User-A and Process M1 of User-B are using OpenSSL.

P1       2814  User-A  mem       REG        8,6  1633692    3812058 /usr/lib/libcrypto.so.1.0.0.1
M1       3810  User-B  mem       REG        8,6  1633692    3812058 /usr/lib/libcrypto.so.1.0.0.1

Is there any way to find out that Process M1 of User-B (non-root user) is using OpenSSL from User-A (another non-root user) without sudo permission?

Note: With the fuser command I am getting similar results.

Without sudo permission, ONLY Process P1 is using OpenSSL.

fuser -v '/usr/lib/libcrypto.so.1.0.0.1'

And with sudo permission, the output shows that both Process P1 and M1 are using OpenSSL.

sudo fuser -v '/usr/lib/libcrypto.so.1.0.0.1'

I am using Debian/Ubuntu. Any link or clue to achieve the above will be highly appreciated. Thanks in advance.

bholanath

2 Answers

If you have access to the executables you can use ldd /usr/bin/progname to see what libraries are linked to without requiring any elevated rights.

HBruijn

This would be a simple script to list the programs which a specific user is executing and then check for each program whether it is using a specific library:

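#!/bin/bash
# Needs bash: uses substring expansion and process substitution.
USER="www-data"
LIB="libcrypto"

# cut already leaves only the first word of each command line
while read -r com; do
    # only programs with absolute paths (?)
    if [ "${com:0:1}" != "/" ]; then
        continue
    fi

    echo -n "${com} "

    # ldd may run code from the inspected binary, so use it only on
    # executables you trust; its errors (e.g. not a dynamic executable)
    # are discarded and count as "NO".
    if ldd "${com}" 2>/dev/null | grep -q "${LIB}"; then
        echo "YES"
    else
        echo "NO"
    fi
done < <(ps -o command -u "${USER}" | cut -d " " -f 1 | sort -u)

m13r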
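
Added example, not from the question or either answer: on Linux the mem rows that lsof prints come from /proc/PID/maps, which the kernel normally lets only the owning user or root read. This sketch (the function names maps_uses_lib and scan_proc are made up here, and stat -c assumes GNU coreutils as on Debian/Ubuntu) walks /proc as the calling user and reports "unreadable" for processes it cannot inspect, so a missing row is not mistaken for "not using OpenSSL".

```shell
#!/bin/sh
# Added example: inventory which processes map a library, as the calling user.

# maps_uses_lib FILE PATTERN
# Prints "yes" if any mapped file path in FILE contains PATTERN, "no" if the
# file was readable but had no match, "unreadable" if it could not be read.
maps_uses_lib() {
    # For another user's process this read fails without root; that means
    # "cannot tell", which is different from "library not in use".
    if ! content=$(cat "$1" 2>/dev/null); then
        echo unreadable
        return 0
    fi
    # Field 6 of a maps line is the backing file; skip [heap], [stack], etc.
    if printf '%s\n' "$content" |
        awk -v lib="$2" '$6 ~ /^\// && index($6, lib) { found = 1 }
                         END { exit !found }'; then
        echo yes
    else
        echo no
    fi
}

# scan_proc PATTERN
# One tab-separated line per process: pid, owner, command name, result.
scan_proc() {
    for dir in /proc/[0-9]*; do
        [ -d "$dir" ] || continue
        pid=${dir#/proc/}
        # A process can exit between the glob and these reads; skip it then.
        owner=$(stat -c %U "$dir" 2>/dev/null) || continue
        name=$(cat "$dir/comm" 2>/dev/null) || continue
        printf '%s\t%s\t%s\t%s\n' "$pid" "$owner" "$name" \
            "$(maps_uses_lib "$dir/maps" "$1")"
    done
}

# Default pattern matches the library from the question.
scan_proc "${1:-libcrypto}"
```

Run as User-A, the rows for User-B's processes come back as "unreadable" rather than disappearing, which is the set that still needs root (or User-B) to confirm.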