setuid (euid) after setuid (uid) on System 5
Leslie Mikesell
les at chinet.chi.il.us
Sun Mar 26 07:18:29 AEST 1989
In article <9915 at smoke.BRL.MIL> gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:
>>Both BSD and S5 flavors of "setuid" can be implemented atop "setreuid".
>I don't think the "saved set-UID" feature can be emulated using setreuid().
>Ron Natalie and I looked into this a few years ago and decided that a
>simple semantic extension to setreuid() could be made that would enable
>full emulation of saved set-UID, and that our extension would not cause
>any new security holes.
How about a 3-argument function to set effective, real, and saved set-uid
that is only allowed for root. Then a process running as root could
start a child which would be allowed to flip between two different ids,
neither required to be 0.
Les Mikesell
More information about the Comp.unix.wizards
mailing list