Notes |
(0002456)
geoffclare (manager)
2014-12-01 15:36
|
It seems odd that the example of how to set the effective user ID to the real user ID makes use of the optional (XSI) setreuid() function, instead of the mandatory seteuid() function.
Change from:
The following example sets the effective user ID and the real user ID of the current process to the real user ID of the caller.#include <unistd.h>
#include <sys/types.h>
...
setreuid(getuid(), getuid()); to:
The following example sets the effective user ID of the calling process to the real user ID.#include <unistd.h>
...
seteuid(getuid()); |
|
(0002466)
philip-guenther (reporter)
2014-12-02 06:38
|
The existing suggestion:
> setreuid(getuid(), getuid());
also sets the saved set-user-ID to the real user ID. The suggested replacement:
> seteuid(getuid());
does not.
The setre{u,g}id() interfaces are probably XSI only because the versions in XSI and in pre-4.4BSD had slightly different semantics when mapped into saved set-*-ID logic...though both versions do the Right Thing when invoked per the example. |
|
(0002468)
geoffclare (manager)
2014-12-02 14:19
|
Yes, my proposed change means different behaviour as regards saved set-user-ID. However, that's another argument in favour of changing to seteuid(), since the setreuid() example code does more than the description above it says it does (and the example's title implies). |
|