BEWARE! Linux seteuid is broken!

A.N.Kuznetsov (kuznet@ms2.inr.ac.ru)
Tue, 11 Jun 1996 13:28:31 +0400 (MSD)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matthias Urlichs: "Re: Ideas for v2.1"
Previous message: Mikael Abrahamsson: "Re: Ideas for v2.1"
Next in thread: Theodore Y. Ts'o: "Re: BEWARE! Linux seteuid is broken!"
Reply: Theodore Y. Ts'o: "Re: BEWARE! Linux seteuid is broken!"
Maybe reply: really kuznet@ms2.inr.ac.ru: "Re: BEWARE! Linux seteuid is broken!"

Hello!

POSIX seteuid DOES NOT CHANGE saved uid.

As I see, seteuid syscall was deleted from kernel
because someone decided that it is equivalent to setreuid(-1, euid).

kernel/sys.c

if (ruid != (uid_t) -1 ||
(euid != (uid_t) -1 && euid != old_ruid)) <- ?????
current->suid = current->euid;

setreuid changes saved uid, when euid != uid.
It breaks POSIX compliant programs.

Well, we might delete second condition, but I'am
afraid it will break BSD compliance.

Alexey Kuznetsov.

Next message: Matthias Urlichs: "Re: Ideas for v2.1"
Previous message: Mikael Abrahamsson: "Re: Ideas for v2.1"
Next in thread: Theodore Y. Ts'o: "Re: BEWARE! Linux seteuid is broken!"
Reply: Theodore Y. Ts'o: "Re: BEWARE! Linux seteuid is broken!"
Maybe reply: really kuznet@ms2.inr.ac.ru: "Re: BEWARE! Linux seteuid is broken!"