Xref: utzoo comp.unix.wizards:15224 comp.bugs.sys5:822
Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ukma!rutgers!att!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: comp.unix.wizards,comp.bugs.sys5
Subject: Re: setuid (euid) after setuid (uid) on System 5
Message-ID: <8034@chinet.chi.il.us>
Date: 25 Mar 89 21:18:29 GMT
References: <123@cat.Fulcrum.BT.CO.UK> <280@cbnewsc.ATT.COM> <1196@auspex.UUCP> <9915@smoke.BRL.MIL>
Reply-To: les@chinet.chi.il.us (Leslie Mikesell)
Followup-To: comp.unix.wizards
Organization: Chinet - Public Access Unix
Lines: 17

In article <9915@smoke.BRL.MIL> gwyn@brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:

>>Both BSD and S5 flavors of "setuid" can be implemented atop "setreuid".

>I don't think the "saved set-UID" feature can be emulated using setreuid().
>Ron Natalie and I looked into this a few years ago and decided that a
>simple semantic extension to setreuid() could be made that would enable
>full emulation of saved set-UID, and that our extension would not cause
>any new security holes.

How about a 3-argument function to set effective, real, and saved set-uid
that is only allowed for root.  Then a process running as root could
start a child which would be allowed to flip between two different ids,
neither required to be 0. 


Les Mikesell