Xref: utzoo comp.unix.wizards:6560 comp.bugs.sys5:328
Path: utzoo!utgpu!water!watmath!clyde!rutgers!ames!mailrus!umix!uunet!sco!jonl
From: jonl@sco.COM (ScoMole #192-1232A)
Newsgroups: comp.unix.wizards,comp.bugs.sys5
Subject: Re: setuid(2) bug?
Message-ID: <220@scovert>
Date: 19 Feb 88 16:51:02 GMT
References: <679@rivm05.UUCP>
Reply-To: jonl@sco.COM (ScoMole #192-1232A)
Organization: The Santa Cruz Operation, Inc.
Lines: 32

+-I seem to recall ccement@rivm.UUCP (Martien F v Steenbergen) writing:
|
| According to the (System V) manuals from AT&T, Uniq, Nuxi and
| Xenix the chapter about the setuid(2) system call lists:
| 
| 	"...<Setuid> will fail if the real user ID of the
| 	calling process is not equal to <uid> and its effective
| 	user ID is not super-user. [EPERM]..."
| 
| If this is true, then the last command in the following sequence
| should be unsuccessful (assuming the use of legal user IDs):
| 
| 	< short program and exmaples deleted >
| 
| Comment please.
| 
| Martien.

Hmm. I tried out your example, and it appears that only one's effective uid
must be equal to "uid" in 'setuid (uid)', and the chmod u+s on the executeable
set that to be true. It seems to me that this is how it should work and the
documentation should be changed. off hand, i don't see any kind of security
problem with only checking for the effective uid instead of the real uid.
After all, who really needs to set their uid to what it already is?

if a fish's eye was a telephone pole, it would swim lopsided.
===============================================================================
jon luini || WORK: 408-425-7222    || HOME: 408-423-2917
Disclaimer|| You don't think SCO would agree with THAT, do you?????
Work:     || jonl@sco.com          || ...!{uunet, ihnp4, ucbvax!ucscc}!sco!jonl
Evil:     || niteowl@ssyx.ucsc.edu || ...!{ucbvax}!ucscc!ssyx!niteowl
===============================================================================