Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-crg!nike!ucbcad!ucbvax!hplabs!hpcea!hpfcdc!rml
From: rml@hpfcdc.HP.COM (Bob Lenk)
Newsgroups: net.bugs.usg
Subject: Re: Problems with setuid(), SVr2v2
Message-ID: <1930001@hpfcdc.HP.COM>
Date: Fri, 26-Sep-86 15:03:18 EDT
Article-I.D.: hpfcdc.1930001
Posted: Fri Sep 26 15:03:18 1986
Date-Received: Thu, 2-Oct-86 20:51:57 EDT
References: <4100002@siedap.UUCP>
Organization: HP Ft. Collins, Co.
Lines: 23

The manual does not reflect the implementation in three areas:

	1) If the caller's effective uid is 0, setuid sets
	   all of the effective, real, and saved uids.  Thus
	   there is no way to toggle back.

	2) A setuid(0) call fails if the current effective uid
	   is not 0, even if the real uid or saved set-user id
	   is 0 (the latter is actually impossible because of 
	   (1) above).

	3) The saved set-group id is not implemented.

This is true of all variants of S5R2 that I have seen (not necessarily
all versions that exist).  I believe that (2) and (3) are changed in
S5R3.  It seems that (1) causes your problems (although you would run
into (2) if (1) did not exist).

One possible workaround is to fork a child process and have it
setuid(getuid()) and do the file access.  Another is to use access(2).

		Bob Lenk
		{hplabs, ihnp4}!hpfcla!rml