Clearing environment on exec of setuid process
Moderator, John Quarterman
std-unix at ut-sally.UUCP
Wed Feb 12 02:15:56 AEST 1986
Date: Sun, 9 Feb 86 22:00:20 pst
>From: pyramid!csg (Carl S. Gutekunst)
Organization: Pyramid Technology Corp., Mountain View, CA
>> The answer is only to do limited operations when in setuid. The best
>> way to do this would be to allow processes to painlessly shift back and
>> forth between their real-uid and effective-uid. This is allowed, but
>> not documented on BSD, but appears not to be allowed at all on SV.
>
>System Vr2 allows a non-root setuid process to call setuid(2) with either
>the real uid or the saved effective uid, allowing the process to painlessly
>switch back and forth. This change occurred between System V and Vr2.
Something is silly here; if you think it's important I'd appreciate it if
you'd verify this with someone who knows:
System V has always had the ability to switch the effective UID between the
real UID and the saved effective UID. (And it isn't documented, BTW. We
discovered it the hard way when some of the V.0 utilities wouldn't run.)
Berkeley, however, has never had this capability. There are a number of other
curious variations and exceptions, although that's fodder for net.unix... :-)
[ Does anybody know when the capability was introduced? PWB, System III,
System V? As for what BSD has along these lines, see previous article.
I'm beginning to agree that this discussion really belongs on net.unix.
-mod ]
<csg>
Volume-Number: Volume 5, Number 45
More information about the Mod.std.unix
mailing list