Date: Wed, 29 May 2002 10:01:57 +1200 From: Jonathan Chen <jonc@chen.org.nz> To: Daniel Blankensteiner <db@traceroute.dk> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: I386<<FreeBSD 4.5<<getlogin() Message-ID: <20020529100157.B60716@grimoire.chen.org.nz> In-Reply-To: <005401c2068a$35c1ebf0$6800a8c0@rafter>; from db@traceroute.dk on Tue, May 28, 2002 at 10:56:54PM %2B0200 References: <005401c2068a$35c1ebf0$6800a8c0@rafter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 28, 2002 at 10:56:54PM +0200, Daniel Blankensteiner wrote: > Hi all > I have found a weird problem using getlogin() or maybe it is just me that > is weird ;-) [...] > db# su testuser > ~% whoami > testuser > ~% ./test > You are logged in as: root > Your group number is: 1000 > Your uid is: 1000 > What is going on? If I ssh to the computer and log in as testuser, the > program > works fine. Programs(proccess) that change user and use getlogin() may have > a security problem or am I just missing som "su" info? > btw what is the difference between a real and effective user? getlogin() is working fine. You should be using getuid(2) and geteuid(2) to determine real and effective user. -- Jonathan Chen <jonc@chen.org.nz> ---------------------------------------------------------------------- "A person should be able to do a small bit of everything, specialisation is for insects" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020529100157.B60716>