From owner-freebsd-security Fri Apr 28 08:48:50 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id IAA16858 for security-outgoing; Fri, 28 Apr 1995 08:48:50 -0700 Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id IAA16852 for ; Fri, 28 Apr 1995 08:48:46 -0700 Received: by sequent.kiae.su id AA06827 (5.65.kiae-2 ); Fri, 28 Apr 1995 19:41:34 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Fri, 28 Apr 95 19:41:33 +0400 Received: (from ache@localhost) by astral.msk.su (8.6.8/8.6.6) id TAA00794; Fri, 28 Apr 1995 19:39:43 +0400 To: sa2c@st.rim.or.jp, security@FreeBSD.org References: <199504280436.NAA00812@us.and.or.jp> In-Reply-To: <199504280436.NAA00812@us.and.or.jp>; from NIIMI Satoshi at Fri, 28 Apr 1995 13:36:14 +0900 Message-Id: Organization: Olahm Ha-Yetzirah Date: Fri, 28 Apr 1995 19:39:43 +0400 X-Mailer: Mail/@ [v2.32 FreeBSD] From: "Andrey A. Chernov, Black Mage" X-Class: Fast Subject: Re: Call for remove setr[ug]id() and setre[ug]id() from libc Lines: 31 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Length: 1284 Sender: security-owner@FreeBSD.org Precedence: bulk In message <199504280436.NAA00812@us.and.or.jp> NIIMI Satoshi writes: >I've noticed with -current that when euid is not equal to ruid, >setuid(euid) fails but setreuid(euid, euid) successes. >But once setreuid(euid, -1) or setreuid(euid, euid), setuid(euid) >sccesses. >Please unify the rule for setre[ug]id() and set[ug]id(): >a) It is possible to change ruid if target is same as saved uid. >or >b) Only the superuser can change ruid. >IMHO: There is no need to give users the pass to change real user id. >The main aim of setre[ug]id() in 4.3BSD was to change e[ug]id. This >can be done by only sete[ug]id() in 4.4BSD. When we follow BSD 4.4 rule, we need to remove setre*() completely, because they cause very big confusion for all pgms which expects 4.2 way. Recently I call core team about removing them, but peoples prefer to implement them correctly (4.2 way) instead of removing. So, I do it. Now it is impossible to unify rule: it divides to POSIX and non-POSIX behaviour. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - FidoNet: 2:5020/230.3 : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849