Behavior of exec wrt euid/ruid on 2.2 vs. 2.4 kernels

From: Neulinger, Nathan (nneul@umr.edu)
Date: Tue Jun 18 2002 - 14:13:19 EST


I just noticed this today when I upgraded an older machine from 2.2.x to
2.4.18 that the behavior of exec changed with respect to how it handles
euid!=ruid.

Basically, on 2.4:
        setuid bin, execute it, ruid!=euid, exec another tool, now euid
is set to ruid

on 2.2 the execced binary retains the ruid!=euid.

I can see how this might have been done intentionally for security,
however, it does mean that it is impossible for a execced tool to know
the real uid that is running it if executed from a setuid wrapper, or to
run a helper tool (aklog) from a ruid!=euid process.

Was this change in behavior intentional?

I never noticed it on any of our other 2.4.x systems, cause exec()'s
within setuid bin's without setresuid(geteuid(),geteuid(),geteuid()) are
pretty rare in our tools, most of them just have a single bin that does
whatever it needs to do.

-- Nathan

------------------------------------------------------------
Nathan Neulinger EMail: nneul@umr.edu
University of Missouri - Rolla Phone: (573) 341-4841
Computing Services Fax: (573) 341-4216
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Jun 23 2002 - 22:00:17 EST