- Newsgroups: comp.unix.aix
- Path: sparky!uunet!haven.umd.edu!darwin.sura.net!gatech!bloom-beacon!bloom-picayune.mit.edu!athena.mit.edu!lwvanels
- From: lwvanels@athena.mit.edu (Lucien W. Van Elsen)
- Subject: Re: setreuid() broken?
- In-Reply-To: gamiddle@math.waterloo.edu's message of Thu, 23 Jul 1992 22:41:04 GMT
- Message-ID: <LWVANELS.92Jul27111601@fionavar.mit.edu>
- Sender: news@athena.mit.edu (News system)
- Nntp-Posting-Host: fionavar.mit.edu
- Reply-To: lwvanels@MIT.EDU
- Organization: Massachusetts Institute of Technology
- References: <1992Jul23.224104.19277@math.waterloo.edu>
- Date: Mon, 27 Jul 1992 15:16:28 GMT
- Lines: 26
-
- gamiddle@math.waterloo.edu (Guy Middleton) writes:
-
- > Sorry if this has been mentioned here before, but I just started reading this
- > newsgroup. setreuid() doesn't seem to work right:
- ...
- > This is crazy. If my uid and euid are 0, how could I possibly get an
- > EPERM error?
- > Is there any way to get this to do what I expect?
-
- You cannot change the effective UID without changing the real uid as well;
- this is documented in the setreuid "man page". Theoretically, to do what
- you want, you'd use setuidx(ID_REAL|ID_EFFECTIVE,200). A similar call
- later on can set the real and effective uid's back to 0, since the saved uid
- is still 0.
- However, there is a problem with this that Charles Hannum
- (mycroft@ai.mit.edu) reported a while back; I do not know whether it has been
- resolved. Apparently, setuidx() "does not change privilege vectors" as
- setuid and seteuid do, which still allows the process to access files as if
- it were root. Unfortunately, unless it has been fixed, you can't get the
- effect you wish.
-
- -Lucien
-
- ----------------------------------------------------------------------------
- Lucien Van Elsen | lwvanels@athena.mit.edu
- MIT Athena Systems Development |
-
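The reply above turns on the saved uid: with real and effective uid set to 200 and the saved uid still 0, the process can return to root. The following is an added example, not part of the original post, that audits the (real, effective, saved) triple after a privilege drop. It goes beyond the post in assuming Linux/glibc `getresuid()` rather than the AIX `setuidx()` interface; the names `classify_drop` and `audit_current_drop` are hypothetical.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumption: Linux/glibc. Declared explicitly in case _GNU_SOURCE is not in effect. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

/* Outcome of auditing a (real, effective, saved) uid triple after a drop. */
enum drop_state {
    DROP_PERMANENT  = 0, /* all three ids equal the target */
    DROP_REVERSIBLE = 1, /* real/effective dropped, saved uid differs (the post's case) */
    DROP_INCOMPLETE = 2  /* real or effective uid is not the target */
};

/* Pure classifier, so it can be checked against constructed triples. */
enum drop_state classify_drop(uid_t ruid, uid_t euid, uid_t suid, uid_t target)
{
    if (ruid != target || euid != target)
        return DROP_INCOMPLETE;
    if (suid != target)
        return DROP_REVERSIBLE; /* e.g. saved uid still 0: the process can switch back */
    return DROP_PERMANENT;
}

/* Audit the calling process. Returns a drop_state, or -1 if getresuid() fails. */
int audit_current_drop(uid_t target)
{
    uid_t ruid, euid, suid;
    if (getresuid(&ruid, &euid, &suid) != 0)
        return -1;
    return (int)classify_drop(ruid, euid, suid, target);
}

int main(void)
{
    /* Constructed triples: the post's scenario (uid 200, saved uid 0) and a full drop. */
    printf("200/200/0   -> %d\n", classify_drop(200, 200, 0, 200));
    printf("200/200/200 -> %d\n", classify_drop(200, 200, 200, 200));
    printf("this process vs. its own real uid -> %d\n", audit_current_drop(getuid()));
    return 0;
}
```

A uid audit of this kind does not cover the second problem the reply describes, where the ids change but file access is still granted as root; that needs a separate check of what the process can actually open.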