From: Robert Bonomi
Date: Wed, 23 Jan 2013 15:57:24 -0600 (CST)
Message-Id: <201301232157.r0NLvOir062346@mail.r-bonomi.com>
To: freebsd-questions@freebsd.org, martin@dc.cis.okstate.edu
Subject: Re: Setuid binaries and File Ownerships in FreeBSD9.0
In-Reply-To: <201301232026.r0NKQGqF070301@x.it.okstate.edu>

> From: Martin McCormick
> To: FreeBSD Questions
> Subject: Setuid binaries and File Ownerships in FreeBSD9.0
> Date: Wed, 23 Jan 2013 14:26:16 -0600
>
> [[.. sneck ..]]
> When the application first runs, it gets the UID and GID
> of the user and uses
>
> setuid(heruid); and setgid(hergid); to temporarily downgrade and
> those files are owned by the right user but setuid(0); doesn't
> appear to upgrade back to root.
>
> Is there any other strategy that gets one back to root
> short of using chown and then a system call and never
> downgrading privilege?

man setEuid
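
Added example, not part of the original message: setuid() called with an effective UID of 0 also overwrites the real and saved UIDs, so a later setuid(0) is refused, while seteuid()/setegid() change only the effective IDs and can be reversed. The names run_as_user, record_ids and struct ids are hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): run fn(arg) with the effective
 * IDs set to uid/gid, then restore the previous effective IDs. Returns fn's
 * result, or -1 if any switch fails. Supplementary groups are not changed. */
int run_as_user(uid_t uid, gid_t gid, int (*fn)(void *), void *arg)
{
    uid_t saved_uid = geteuid();
    gid_t saved_gid = getegid();
    int rc;
    /* Group first: after the euid drop, setegid() would no longer be
     * allowed to pick an arbitrary group. */
    if (setegid(gid) != 0)
        return -1;
    if (seteuid(uid) != 0) {
        (void)setegid(saved_gid);
        return -1;
    }
    rc = fn(arg);
    /* Reverse order on the way back. seteuid() left the saved set-user-ID
     * untouched, so returning to saved_uid is permitted. */
    if (seteuid(saved_uid) != 0 || setegid(saved_gid) != 0)
        return -1;
    if (geteuid() != saved_uid || getegid() != saved_gid)
        return -1;              /* verify the restore, never assume it */
    return rc;
}

struct ids { uid_t euid; gid_t egid; };
/* Demonstration callback: records the effective IDs it ran with. */
int record_ids(void *arg)
{
    struct ids *out = arg;
    out->euid = geteuid();
    out->egid = getegid();
    return 0;
}

int main(void)
{
    struct ids seen;
    /* In a setuid-root binary getuid()/getgid() are the invoking user's IDs. */
    if (run_as_user(getuid(), getgid(), record_ids, &seen) != 0)
        return 1;
    printf("ran as euid=%ld, back to euid=%ld\n", (long)seen.euid, (long)geteuid());
    return 0;
}
```

Files created inside the callback are owned by the target user; when the drop is meant to be permanent, use setgid() followed by setuid() instead so the saved IDs are overwritten as well.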