From owner-cvs-lib Wed Mar 26 19:13:29 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA28111 for cvs-lib-outgoing; Wed, 26 Mar 1997 19:13:29 -0800 (PST) Received: from spinner.DIALix.COM (root@spinner.dialix.com [192.203.228.67]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA28099; Wed, 26 Mar 1997 19:13:11 -0800 (PST) Received: from spinner.DIALix.COM (peter@localhost.DIALix.oz.au [127.0.0.1]) by spinner.DIALix.COM (8.8.5/8.8.5) with ESMTP id LAA04087; Thu, 27 Mar 1997 11:12:08 +0800 (WST) Message-Id: <199703270312.LAA04087@spinner.DIALix.COM> X-Mailer: exmh version 2.0gamma 1/27/96 To: Poul-Henning Kamp cc: Bill Fenner , ache@nagual.ru, imp@village.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-lib@freefall.freebsd.org Subject: Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c In-reply-to: Your message of "Mon, 24 Mar 1997 19:17:22 +0100." <228.859227442@critter> Date: Thu, 27 Mar 1997 11:12:08 +0800 From: Peter Wemm Sender: owner-cvs-lib@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Poul-Henning Kamp wrote: > In message <97Mar24.094840pst.177486@crevenia.parc.xerox.com>, Bill Fenner wr it > es: > >I think a lot would be solved by having a library function like > >access() that also accepts a UID. Then the don't-let-people-access- > >files-in-a-setuid-program-that-they-wouldn't-normally-have-access-to > >problem, instead of being solved in N different setuid programs, > >could be solved once. > > Well, access_as(2) alone will not do it, you would need a open_as(2), > unlink_as(2), rename_as(2) and so on... Err, yeah. I knew that.. :-) Please ignore my previous simplistic reply about access. :-). With setfsuid() etc in a setuid process, you'd do this: setfsuid(getuid()); fd = open(..) setfsuid(geteuid()); And similar for daemons that are running as root but want to access files as a user, eg: ftpd. It works for open, unlink, rename, link, chmod, etc etc, the entire set of VFS syscalls. Cheers, -Peter