Our current implementation is slightly different. According to the
HP-UX man page, setresuid() treats all the uids the same way.
setresuid() is allowed if any one of the current uids (ruid/euid/suid)
is 0, or if each of the specified new uids matches at least one of the
current ruid/euid/suid. So if you aren't root, you can swap any two
of the three uids, or even swap all three (they all can be different).
HP-UX also has setresgid(), and we don't. It is similar - if you
aren't root (any of the uids equal to 0), you can swap any of the
three gids.
I think it should be possible to implement the other set*id()
calls only in terms of setres[ug]id(). Maybe even in libc?
One more thing: setresuid() should do "current->dumpable = 0" if
it changes the effective uid (like the other set*id syscalls do).
I think this is necessary to keep /proc/<pid>/fd/* secure (these
files are owned by euid of <pid>).
Marek