: >root# cp /usr/bin/sleep /tmp/sleep
: >root# chmod 4755 /tmp/sleep
: >
: >user> /tmp/sleep 600
: >(switch to another window)
: >user> ps aux
: >root 6293 2.0 1.0 25 160 pp8 S 17:22 0:00 /tmp/sleep 600
: >user> kill -9 6293
Of *course* it works this way! How else should it work?
When a user executes a set-uid program only the *effective* uid is set to
the files owner. There is no way for a user to have the real user id set
by a set-uid program unless that user is already root.
This is not a bug, it is POSIX defined behaviour.
How else would a user kill an errant ping process for example (which needs to
be set-uid to root to bind to a priviledged port).
-- +----------------------------------------------------------------------------+ Graham Broadbridge Internet <grahamb@peachy.apana.org.au> Marsfield NSW <vk2yui@amsat.org> Australia amprnet <vk2yui@gw.vk2yui.ampr.org> +----------------------------------------------------------------------------+