From: utzoo!decvax!ucbvax!ucbcad:tektronix!zehntel!sytek!menlo70!hao!seismo!rlgvax!guy
Newsgroups: net.unix-wizards
Title: Re: root executing setuid programs
Article-I.D.: rlgvax.153
Posted: Sun Mar 27 21:37:24 1983
Received: Thu Mar 31 01:00:53 1983
References: sri-arpa.693

1) If "root" executes a set-UID program under USG UNIX 5.0, I believe that
the set-UID still takes effect.

2) Under USG UNIX 3.0 and later, you can have a creat-lock mechanism that
works even for the super-user. Just don't use "creat"; use "open" instead.
USG 3.0 (and, I believe, 4.2BSD) have made "open" a superset of "creat",
which makes a lot of sense; why have two system calls when one will do?
Furthermore, "open" can set various file-descriptor flags AND can leave the
file descriptor open for reading AND writing after a create! You use the
call:

	open(pathname, (open_mode)|O_CREAT|O_EXCL, creatmode);

where "open_mode" is either O_WRONLY for a write-only file descriptor
(O_WRONLY is a #define of 1, of course) or O_RDWR for a read/write file
descriptor (O_RDWR is, of course, a #define of 2). This means:

	If the file does *not* exist, create it with mode "creatmode" and
	leave the resulting file descriptor open in the desired mode.

	If the file *does* exist, return an error.

A clean and simple solution to a problem that has been in UNIX for a long
while. I think 4.2BSD has a USG-style "open", too...

	Guy Harris
	RLG Corporation
	seismo!rlgvax!guy
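
The lock-file idiom described in the post above, as an added example that is not part of the original post. The helper names (lock_acquire, lock_release, lock_demo), the constructed /tmp path and the 0644 mode are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: take the lock by creating `path` exclusively.
 * O_CREAT|O_EXCL makes "does it exist?" and "create it" one atomic
 * step, so the result does not rest on a permission check that the
 * super-user bypasses.
 * Returns 0 on success, 1 if the lock is already held, -1 on error. */
int lock_acquire(const char *path)
{
    char pid[32];
    long wrote;
    int n, fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);

    if (fd < 0)
        return errno == EEXIST ? 1 : -1;
    /* Record the owner's pid so a stale lock can be diagnosed. */
    n = snprintf(pid, sizeof pid, "%ld\n", (long)getpid());
    wrote = (long)write(fd, pid, (size_t)n);
    close(fd);
    if (wrote != n) {
        unlink(path);          /* do not leave a half-written lock */
        return -1;
    }
    return 0;
}

/* Hypothetical helper: release the lock by removing the file. */
int lock_release(const char *path)
{
    return unlink(path);
}

/* Constructed demo: a second acquire must fail while the lock is
 * held and succeed again after release. Returns 0 when it does. */
int lock_demo(void)
{
    char path[64];
    int first, second, third;

    snprintf(path, sizeof path, "/tmp/lockdemo.%ld", (long)getpid());
    unlink(path);              /* clear any leftover from an old run */
    first = lock_acquire(path);
    second = lock_acquire(path);
    lock_release(path);
    third = lock_acquire(path);
    lock_release(path);
    return (first == 0 && second == 1 && third == 0) ? 0 : 1;
}

int main(void) { return lock_demo(); }
```

Run as root, the second lock_acquire still returns 1, because the failure comes from EEXIST rather than from file permissions.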