From owner-freebsd-current  Wed Feb  5 16:45:31 2003
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id BCA6C37B401; Wed,  5 Feb 2003 16:45:30 -0800 (PST)
Received: from bluejay.mail.pas.earthlink.net (bluejay.mail.pas.earthlink.net [207.217.120.218])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 21AA343F93; Wed,  5 Feb 2003 16:45:30 -0800 (PST)
	(envelope-from tlambert2@mindspring.com)
Received: from pool0205.cvx21-bradley.dialup.earthlink.net ([209.179.192.205] helo=mindspring.com)
	by bluejay.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128)
	(Exim 3.33 #1)
	id 18gaAS-0002YA-00; Wed, 05 Feb 2003 16:45:29 -0800
Message-ID: <3E41AF21.F55C313F@mindspring.com>
Date: Wed, 05 Feb 2003 16:41:05 -0800
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.79 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Jacques A. Vidrine" <nectar@FreeBSD.org>
Cc: Anoop Ranganath <anoop@ranganath.com>,
	freebsd-current@freebsd.org
Subject: Re: tmpfile breakage on setuid executables
References: <00e201c2cd5b$14f31c30$0c02040a@ranganath> <3E41846A.39AAE406@mindspring.com> <015c01c2cd60$7b6dc0a0$0c02040a@ranganath> <3E418C3C.F4B99C78@mindspring.com> <3E419743.6144BE0B@mindspring.com> <20030205232854.GC86606@opus.celabo.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a41f3edfda2c3a401ba76b41bfae4d1a5393caf27dac41a8fd350badd9bab72f9c350badd9bab72f9c
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

"Jacques A. Vidrine" wrote:
> > Apparently, there was a bug fixed in 4.7 -> 5.0, where the
> > effective UID was being tested instead of the real UID.
> >
> > This is probably something that someone should MFC.
> 
> Really?  I just took a quick look at this, but I have to shove off
> for now.  In initial tests, I get the different results depending on
> whether I'm using static or dynamic linking.  But maybe it's me, I'll
> look more carefully later.
> 
> How about pointing out the bug you found?

Hand me the pointy hat.  The "bug" was that my test program
seperated the operation into a function so I could try different
crap, and adding the setuid(geteuid()) put a zero on the stack
in the stack position Mike discovered was being used uninitialized.

Really bizarre.  Shouldn't compiling that stdio code have cause a
warning?!?  Is optimization disabled for the stdio code?!?

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message