setresuid()

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Alan Cox: "Re: 64-bit math in the kernel"
• Previous message: Dakota: "Re: Kernel panic with 2.1.9"
• Next in thread: Theodore Y. Ts'o: "Re: setresuid()"
• Reply: Theodore Y. Ts'o: "Re: setresuid()"

Our current implementation is slightly different. According to the
HP-UX man page, setresuid() treats all the uids the same way.

setresuid() is allowed if any one of the current uids (ruid/euid/suid)
is 0, or if each of the specified new uids matches at least one of the
current ruid/euid/suid. So if you aren't root, you can swap any two
of the three uids, or even swap all three (they all can be different).

HP-UX also has setresgid(), and we don't. It is similar - if you
aren't root (any of the uids equal to 0), you can swap any of the
three gids.

I think it should be possible to implement the other set*id()
calls only in terms of setres[ug]id(). Maybe even in libc?

One more thing: setresuid() should do "current->dumpable = 0" if
it changes the effective uid (like the other set*id syscalls do).
I think this is necessary to keep /proc/<pid>/fd/* secure (these
files are owned by euid of <pid>).

Marek

• Next message: Alan Cox: "Re: 64-bit math in the kernel"
• Previous message: Dakota: "Re: Kernel panic with 2.1.9"
• Next in thread: Theodore Y. Ts'o: "Re: setresuid()"
• Reply: Theodore Y. Ts'o: "Re: setresuid()"