Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!uunet!mcvax!hp4nl!phigate!philmds!leo
From: leo@philmds.UUCP (Leo de Wit)
Newsgroups: comp.databases
Subject: Re: Restricting access to Informix tables
Message-ID: <1038@philmds.UUCP>
Date: 22 May 89 11:13:23 GMT
References: <1080@investor.UUCP> <1092@altos86.UUCP> <1347@infmx.UUCP> <1084@investor.UUCP>
Reply-To: leo@philmds.UUCP (Leo de Wit)
Organization: Philips I&E DTS Eindhoven
Lines: 12

In article <1084@investor.UUCP> rbp@investor.UUCP (Bob Peirce #305) writes:
    []
|Sorry doctor, but that was the first thing we tried.  In fact all our
|database applications are owned by dbm.  4gl apparently considers
|the real ID and not the effective ID and only root can change the real
|ID.  Furthermore, 4gl apparently gets control very early making it
|impossible to change the real ID even if you are root.

Nope. Any process can change its real UID to its effective UID, or its
effective to its real (and the same goes for group IDs).  If you need
the control very early, just create a program (setuid dbm) that sets
the real UID to the effective, then execs the required program.