Date: Wed, 07 May 1997 00:44:55 +0100 From: Brian Somers <brian@awfulhak.org> To: joelh@gnu.ai.mit.edu Cc: brian@awfulhak.org, freebsd-hackers@freebsd.org Subject: Re: setuid() Message-ID: <199705062344.AAA14409@awfulhak.demon.co.uk> In-Reply-To: Your message of "Tue, 06 May 1997 19:34:19 EDT." <199705062334.TAA26798@ethanol.gnu.ai.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>
> >>> Does anyone know the rationale behind setuid() not allowing
> >>> a regular user to change to its effective uid ?
> >> main() { setuid(0); execlp("sh", "sh", NULL); }
> > Here, the setuid fails 'cos you havn't got an euid of zero. That's
> > not the question, but thanks anyway.
>
> You had me wondering. I had interpreted 'regular user' to mean
> 'someone with euid != 0', and the program I described was an example
> of what could happen if a regular user could change his euid.
>
> What do you mean, then?
I mean a program owned by (say) brian with the suid bit set:
-r-sr-xr-x 1 brian research 19755 May 7 00:32 myprog
If it says "setuid(geteuid())", it fails. Although, as someone
already pointed out,
euid = geteuid();
setreuid(euid,euid);
works as expected. To make matters worse, the setreuid() man
page suggests using setuid() if you wish to set the same uid
and euid, and the setuid() page says you can't do this
(documentation says what the function does).
I've cross-posted to freebsd-hackers. I'm sure there's a
reason for this..... ????? Any comments ?
> Happy hacking,
> joelh
>
> --
> http://www.wp.com/piquan --- Joel Ray Holveck --- joelh@gnu.ai.mit.edu
> All my opinions are my own, not the Free Software Foundation's.
>
> Second law of programming:
> Anything that can go wrong wi
> sendmail: segmentation violation -- core dumped
--
Brian <brian@awfulhak.org>, <brian@freebsd.org>
<http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705062344.AAA14409>