Xref: utzoo comp.unix.questions:9127 comp.lang.c:12396
Path: utzoo!attcan!uunet!mcvax!hp4nl!philmds!leo
From: leo@philmds.UUCP (Leo de Wit)
Newsgroups: comp.unix.questions,comp.lang.c
Subject: Re: General Unix/C question
Keywords: userid Make su segmentation core
Message-ID: <794@philmds.UUCP>
Date: 7 Sep 88 16:50:10 GMT
References: <641@jura.tcom.stc.co.uk>
Reply-To: leo@philmds.UUCP (Leo de Wit)
Organization: Philips I&E DTS Eindhoven
Lines: 38

In article <641@jura.tcom.stc.co.uk> john@tcom.stc.co.uk (John Blair) writes:
|
|Below is the program I use to run a unix command under the userid of the
|program owner.
|However when the command passed is Make with parameters and 
|stdout and stderr file redirection I sometimes get segmentation
|problems and core dumped.
|
|If I "su" as the userid of the program owner
|and execute the same Make command I do not get segmentation problems.
|What is wrong with the C program?
|
|/* note, this must run with set uid on execution */
|main(argc,argv)
| int argc;
| char * argv[];
|{
| setuid(geteuid());
| setgid(getegid());
| execvp(argv[1],argv+1);
|}

Two things: 1) the arg count should be checked to be >= 2 (I don't think
execvp likes a null parameter).
            2) when you start the program the input/output redirection is
done, perhaps by your shell. This means that these input/output streams
must be readable/writable by the current uid/gid; when you setuid &
setgid the process may not be allowed anymore to write these
descriptors.  Suggestion: either explicitly allow access to the
stdout/stderr (e.g.  create a file, chmod to correct permissions and do
redirection by appending) or do a fchmod(fileno(stdin),mode) in the
program; this you will have to do probably in a forked child which has
reset the euid/egid to the original value, as only a file owner can
change the mode (fork the child before the setuid/setgid, otherwise you
cannot it change it back anymore).

Hope this helps -
                      Leo.