setuid (euid) after setuid (uid) on System 5

Leslie Mikesell les at chinet.chi.il.us
Sun Mar 26 07:18:29 AEST 1989


In article <9915 at smoke.BRL.MIL> gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:

>>Both BSD and S5 flavors of "setuid" can be implemented atop "setreuid".

>I don't think the "saved set-UID" feature can be emulated using setreuid().
>Ron Natalie and I looked into this a few years ago and decided that a
>simple semantic extension to setreuid() could be made that would enable
>full emulation of saved set-UID, and that our extension would not cause
>any new security holes.

How about a 3-argument function to set effective, real, and saved set-uid
that is only allowed for root?  Then a process running as root could
start a child which would be allowed to flip between two different ids,
neither required to be 0. 


Les Mikesell
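
The proposal above as a small model, added here as an example (not code from the post or from any Unix implementation): credentials are a plain struct and no real system calls are made. `set3uid` is a hypothetical name for the suggested root-only call, and the uids 100 and 200 are constructed; the model compares how many effective-uid flips a child can make after root drops privilege with plain System V setuid() versus the three-argument call.

```c
#include <errno.h>
#include <stdio.h>

/* Model only: process credentials as three ids, no real syscalls. */
struct cred { int ruid, euid, suid; };

/* System V setuid(): root sets all three ids; anyone else may only
 * move the effective id to the real or the saved set-UID. */
int s5_setuid(struct cred *c, int uid)
{
    if (c->euid == 0) {
        c->ruid = c->euid = c->suid = uid;
        return 0;
    }
    if (uid == c->ruid || uid == c->suid) {
        c->euid = uid;
        return 0;
    }
    return -EPERM;
}

/* Hypothetical three-argument call from the post: root only. */
int set3uid(struct cred *c, int euid, int ruid, int suid)
{
    if (c->euid != 0)
        return -EPERM;
    c->euid = euid; c->ruid = ruid; c->suid = suid;
    return 0;
}

/* Count how many of the n requested effective-uid flips succeed. */
int flips_allowed(struct cred c, const int *ids, int n)
{
    int ok = 0;
    for (int i = 0; i < n; i++)
        if (s5_setuid(&c, ids[i]) == 0 && c.euid == ids[i])
            ok++;
    return ok;
}

int main(void)
{
    const int seq[] = { 100, 200, 100, 200 };   /* constructed uids */
    struct cred plain = { 0, 0, 0 }, child = { 0, 0, 0 };
    s5_setuid(&plain, 200);           /* root drops with plain setuid() */
    set3uid(&child, 200, 100, 200);   /* root uses the proposed call */
    printf("plain setuid: %d of 4 flips\n", flips_allowed(plain, seq, 4));
    printf("three-arg:    %d of 4 flips\n", flips_allowed(child, seq, 4));
    return 0;
}
```

In the model, neither process can get back to uid 0 once the effective id is non-zero, since 0 is no longer the real or saved id.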


