Re: High UID support for Linux

Tor Arntsen (tor@spacetec.no)
Wed, 2 Dec 1998 14:13:51 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Riley Williams: "Re: NTP dumps Linux, film at 11. [Fwd/FYI]"
Previous message: Jamie Lokier: "Re: NTP accuracy?"

In article <fa.j1u4o4v.dm8rj1@ifi.uio.no>,
hpa@transmeta.com (H. Peter Anvin) writes:
>It's also important to recognize that using getpwent to extract one's
>own home directory is *WRONG*. HOME and USER may point to a different
>place/user than getuid() and getpwuid(getuid()) will give you; this is
>quite common for setuid programs and when using su -m.

but HOME and USER can't be used in all situations. If a setuid program
changes the uid and starts another program (as is the case in a project
I'm on, the customer uses one setuid program to start all the other
apps, each with their own uid) then HOME and USER etc. is obviously wrong
for those applications, unless the setuid program explicitly sets those
variables (our customers application doesn't).

It all depends on what you define as your 'own home directory'.

- Tor
(Disclaimer: I haven't followed this High UID thread so I'm only commenting
that particular statement about HOME, I may be ignorant about something in
the larger picture which may make my comment irrelevant.. if so pls ignore :-)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Riley Williams: "Re: NTP dumps Linux, film at 11. [Fwd/FYI]"
Previous message: Jamie Lokier: "Re: NTP accuracy?"