From owner-freebsd-hackers Mon Mar 24 21:32:51 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA19334 for hackers-outgoing; Mon, 24 Mar 1997 21:32:51 -0800 (PST) Received: from rover.village.org (rover.village.org [204.144.255.49]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id VAA19329 for ; Mon, 24 Mar 1997 21:32:47 -0800 (PST) Received: from rover.village.org [127.0.0.1] by rover.village.org with esmtp (Exim 0.56 #1) id E0w9Oqk-0000O8-00; Mon, 24 Mar 1997 22:32:46 -0700 To: hackers@freebsd.org Subject: A good way to... Date: Mon, 24 Mar 1997 22:32:45 -0700 From: Warner Losh Message-Id: Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk OK. I'm looking for some good code that will drop privs, do some operation, and the restore privs. I'm not sure what the best way to do this. I'm thinking it is uid_t xxx, yyy; xxx = geteuid(); yyy = getegid(); seteuid(getuid()) setegid(getgid()) (eg fopen(zzz, "r");) seteuid(xxx); setegid(yyy); I think this does what I want to do, but can someone punch some holes into this before I commit code like this? Why am I asking this? It turns out that I'm starting to get reports of unintended side effects of some of the checkins that I made It would help if I was able to reproduce the problems here :-(. At least some of them should just drop and raise privs "like" this. This stuff always makes my head spin.... Also, if someone or someones would like to review anything that I do, please let me know. Warner