From owner-freebsd-audit  Thu May 10  3:54:31 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16])
	by hub.freebsd.org (Postfix) with ESMTP
	id 95B5337B422; Thu, 10 May 2001 03:54:27 -0700 (PDT)
	(envelope-from bde@zeta.org.au)
Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102])
	by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id UAA31793;
	Thu, 10 May 2001 20:54:21 +1000
Date: Thu, 10 May 2001 20:52:50 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
X-Sender: bde@besplex.bde.org
To: Ruslan Ermilov <ru@FreeBSD.ORG>
Cc: Kris Kennaway <kris@obsecurity.org>, audit@FreeBSD.ORG
Subject: Re: ping6 fixes
In-Reply-To: <20010510124858.D19855@sunbay.com>
Message-ID: <Pine.BSF.4.21.0105102044460.1933-100000@besplex.bde.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, 10 May 2001, Ruslan Ermilov wrote:

> On Wed, May 09, 2001 at 08:37:40PM -0700, Kris Kennaway wrote:
> > On Wed, May 09, 2001 at 04:20:44AM +1000, Bruce Evans wrote:
> > 
> > > I think I now understand the purpose of seteuid() before seteuid().
> > 
> > Me too.  Thanks, all.
> > 
> /me still doesn't.
> 
> As I said, this would only be meaningful if:
> 
> 1)  we follow POSIX.1-200x

I'm stll not sure about this (haven't seen POSIX.any-200x...).

> - and -
> 
> 2)  the process doesn't have "appropriate privilege" initially,
>     i.e., it's not setuid root (not the case here).

It saves you from having to know much about the current ids.  (Not a
good reason, since you really should understand the current ids in
set*id programs.  And you really should check that set*id() succeeded...)

Bruce


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message