Re: BEWARE! Linux seteuid is broken!

Theodore Y. Ts'o (tytso@mit.edu)
Fri, 14 Jun 1996 16:50:52 -0400


From: "A.N.Kuznetsov" <kuznet@ms2.inr.ac.ru>
Date: Tue, 11 Jun 1996 13:28:31 +0400 (MSD)

POSIX seteuid DOES NOT CHANGE saved uid.

As I see, seteuid syscall was deleted from kernel
because someone decided that it is equivalent to setreuid(-1, euid).

setreuid changes saved uid, when euid != uid.
It breaks POSIX compliant programs.

Huh? seteuid() was never implemented; it's not in 1.2.x.

seteuid() is also not a POSIX function; it's not defined in POSIX. So
if you use it, you must be using it because you're interested in BSD
compliance.

Keep in mind that the whole notion of "effective" uid is non-POSIX. So
trying to mix effective uid and saved-uid is invariably going to cause
problems. I deliberately had setreuid() set the saved-uid because this
would seem to avoid certain security problems. See the comments in
kernel/sys.c for my justification for doing this.

- Ted