bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

code/module request: undo setuid


From: Sam Steingold
Subject: code/module request: undo setuid
Date: Mon, 10 Nov 2008 10:54:21 -0500
User-agent: Thunderbird 2.0.0.14 (X11/20080506)

Hi,
Suppose one has an application which is installed setuid root.
Suppose also the application has a feature (e.g., spawn an interactive user shell) which should NOT be run as root - but as an unprivileged user instead. I suppose this is a fairly common operation (e.g., nethack is probably installed setgid games and I think it can spawn a shell), and it is probably done thus:

  if (0 == fork()) { /* child */
    magic incantations to restore gid;
    exec("/bin/bash");
  } else ...

So, what are those "magic incantations"?
do they go beyond
   setreuid(getuid(), getuid());
??

Yes, I can probably hunt them down myself, but I would rather have an expert opinion. Also, if the magic goes beyond 1-2 lines, I think it would be a good idea to add it to gnulib.

thanks.

Sam.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]