Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!ucsd!rutgers!bellcore!texbell!killer!rpp386!spdyne!root
From: root@spdyne.UUCP
Newsgroups: comp.unix.wizards
Subject: Re: setuid (euid) after setuid (uid) on
Message-ID: <1800008@spdyne>
Date: 20 Mar 89 21:56:00 GMT
References: <123@cat.Fulcrum.BT.CO.UK>
Lines: 52
Nf-ID: #R:cat.Fulcrum.BT.CO.UK:123:spdyne:1800008:000:1828
Nf-From: spdyne.UUCP!root    Mar 20 15:56:00 1989


In article <123@cat.Fulcrum.BT.CO.UK> igb@Fulcrum.BT.CO.UK (Ian Batten) writes:

>Should the following program work or not, on System Five?  This is a
>common idiom in the source code of HoneyDanber uucp, and two local System
>Five machines refuse to honour the second setuid.  The manual page implies
>they should.  Please, no flames --- just mail me an answer.  I've been
>sweating blood over the code all day and I hope I can lodge this as a
>kernel problem.

    I know that on BSD they added a very useful call: setreuid, which
allows the setting of both real and effective uid.  [I'm pretty sure that
I got that name right, but it's been 4 years since I did anything with BSD]
I seem to remember a fantastic call that switched your uid and euid! This
was a VERY good idea on someone's part!

    What I want to be able to do is this:

From program SETUID Notes, Switch to UID of person who ran program [Real UID]

old_uid = geteuid(); - Save the UID of the Notes.

setuid (getuid ()) - Switch to UID of original person.
                     Save a file to disk, with access restricted whatever the
                     original person had.

setuid (old_uid)   - Get back to Notes effective uid.

    The last one will of course fail.  [The notes source as posted has the
problem that if you want to save a file, you have to have the notes account
have write access to the directory that you want to save it in.]


If I understand the manuals correctly:

   Uid    Euid        (2 = original user id, program setuid to uid 3)

    2        3

setuid (2)

    2        2        Manual says it changes BOTH.. Bummer!

[Save file/whatever]
setuid (3)
    2        2        Will fail as neither your Real or your Effective UID is
                      3 anymore.

    Any solutions?

        -Chert Pellett
         root@spdyne