Date: Wed, 29 May 2002 00:28:21 +0200 From: "Daniel Blankensteiner" <db@traceroute.dk> To: "Jonathan Chen" <jonc@chen.org.nz> Cc: <freebsd-questions@freebsd.org> Subject: Re: I386<<FreeBSD 4.5<<getlogin() Message-ID: <00f501c20696$f970de60$6800a8c0@rafter> References: <005401c2068a$35c1ebf0$6800a8c0@rafter> <20020529100157.B60716@grimoire.chen.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Jonathan Chen" <jonc@chen.org.nz> > On Tue, May 28, 2002 at 10:56:54PM +0200, Daniel Blankensteiner wrote: > > I have found a weird problem using getlogin() or maybe it is just me that > > is weird ;-) > > [...] > > db# su testuser > > ~% whoami > > testuser > > ~% ./test > > You are logged in as: root > > Your group number is: 1000 > > Your uid is: 1000 > > What is going on? If I ssh to the computer and log in as testuser, the > > program > > works fine. Programs(proccess) that change user and use getlogin() may have > > a security problem or am I just missing som "su" info? > > btw what is the difference between a real and effective user? > > getlogin() is working fine. You should be using getuid(2) and geteuid(2) > to determine real and effective user. But why does getlogin() give me "root", when I have su'ed to testuser? And what is the difference between a real and effective user? br db To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00f501c20696$f970de60$6800a8c0>