Theodore Y. Ts'o:
> What we're missing is the "if any one of the current uids
> (ruid/euid/suid) is 0" test; that was an oversight on my part.
Yes. Also, I found one more bug: fsuid wasn't reset to euid -
so, filesystem access was still possible under the old fsuid
after setresuid(uid, uid, uid). Or was this intentional?
Nope, this wasn't intentional; thanks for catching it!
OK, sorry it took so long, here is the patch for 2.1.13. It adds
the uid 0 check, clears the dumpable flag, and resets fsuid.
setresgid() should be similar but it needs a new syscall number
- I'm not sure what is the proper way to allocate one.
I haven't tried running with it, but it looks good to me!!
- Ted
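
The three changes discussed in this thread, as an added example that is not the patch itself and not code from either author: a small userspace model in C of a `setresuid()` that applies the "any current uid is 0" test, resets fsuid to euid, and clears the dumpable flag. The struct, the `model_setresuid` name, reading the uid 0 test as the privilege check, and clearing dumpable on every successful call are assumptions of this model.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Simplified model of the per-process ids discussed in the thread. */
struct cred_model {
    uid_t ruid, euid, suid, fsuid;
    bool dumpable;
};

#define KEEP ((uid_t)-1)   /* setresuid(2) convention: -1 leaves a field unchanged */

static bool is_current(const struct cred_model *c, uid_t id)
{
    return id == c->ruid || id == c->euid || id == c->suid;
}

/* Returns 0 on success, -1 on refusal (EPERM in a real kernel). */
int model_setresuid(struct cred_model *c, uid_t r, uid_t e, uid_t s)
{
    /* The test from the thread: privileged if ANY current uid is 0. */
    bool privileged = c->ruid == 0 || c->euid == 0 || c->suid == 0;

    /* Unprivileged callers may only rearrange ids they already hold. */
    if (!privileged &&
        ((r != KEEP && !is_current(c, r)) ||
         (e != KEEP && !is_current(c, e)) ||
         (s != KEEP && !is_current(c, s))))
        return -1;

    if (r != KEEP) c->ruid = r;
    if (e != KEEP) c->euid = e;
    if (s != KEEP) c->suid = s;

    c->fsuid = c->euid;    /* no filesystem access under a stale fsuid */
    c->dumpable = false;   /* assumption: cleared on every successful call */
    return 0;
}

int main(void)
{
    struct cred_model c = { 0, 0, 0, 0, true };   /* constructed: starts as root */
    int drop = model_setresuid(&c, 1000, 1000, 1000);
    int regain = model_setresuid(&c, KEEP, 0, KEEP);
    printf("drop=%d fsuid=%u dumpable=%d regain=%d\n",
           drop, (unsigned)c.fsuid, (int)c.dumpable, regain);
    return 0;
}
```
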