Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!hc!lll-winken!uunet!auspex!guy
From: guy@auspex.UUCP (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: setuid (euid) after setuid (uid) on
Message-ID: <1197@auspex.UUCP>
Date: 24 Mar 89 07:39:56 GMT
References: <123@cat.Fulcrum.BT.CO.UK> <1800008@spdyne>
Reply-To: guy@auspex.UUCP (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 31

>If I understand the manuals correctly:

The old manuals, anyway.  The new manuals should explain the new version
of "setuid", which uses the "saved set-user ID", which is set when a
set-UID program is executed.  It basically remembers to whom the process
was originally set-UID, so that if you do

	setuid(real uid);

it still remembers that you had some other effective UID and thus lets
you do

	setuid(effective uid);

later.  Unfortunately, for reasons given in another posting, a

	setuid(0);

will set the "saved set-user ID" to 0, so you can't go home again.

By adopting the "setreuid" call mentioned earlier in your posting, S5R4
may end up fixing this (again, see my other posting).

>    Any solutions?
>
>        -Chert Pellett
>         root@spdyne

Yes, just keep running as "root", and you won't have to worry about any
of this - if you're "root", you shouldn't have to bother with set-UID
stuff at all, right? :-)