From owner-freebsd-current Fri Dec 13 12:15:21 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id MAA10002 for current-outgoing; Fri, 13 Dec 1996 12:15:21 -0800 (PST) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id MAA09992 for ; Fri, 13 Dec 1996 12:15:13 -0800 (PST) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id MAA15679; Fri, 13 Dec 1996 12:52:16 -0700 From: Terry Lambert Message-Id: <199612131952.MAA15679@phaeton.artisoft.com> Subject: Re: setgid() semantics To: bde@zeta.org.au (Bruce Evans) Date: Fri, 13 Dec 1996 12:52:16 -0700 (MST) Cc: adam@veda.is, freebsd-current@FreeBSD.ORG In-Reply-To: <199612131008.VAA28452@godzilla.zeta.org.au> from "Bruce Evans" at Dec 13, 96 09:08:04 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > This was a security change. Both behaviours are POSIX conformant. > > Gids can be switched securely using the following models: > > BSD4.4Lite: > Use setegid() to switch between the real gid and the saved gid. > (The saved gid is initially the effective gid.) Use setgid() to set > all the ids to the same value. Do not use setrgid() or setregid(). > These functions are just wrappers around setegid(). They never change > the saved gid, and have other problems. > > FreeBSD-current: > Use setregid() to switch gids as usual. Use setregid(uid, uid) or > or setgid(uid) to set all the ids to the same value. You can also > use the BSD4.4Lite model, but this is probably less portable. And if you need to make the effective gid the real gid to violate security anyway (like running "enable" or "disable" on SCO to toggle logins on ports), use: system( "sh -c program"); To make the egid and gid match and be the priviledged value for "program". Ie: it doesn't make any *real* security fix. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.