On Tue, Aug 25, 2009 at 8:11 PM, Steve Langasek <[email protected]> wrote:
> On Tue, Aug 25, 2009 at 07:37:22PM -0400, Michael Spang wrote:
>> It seems you'd need to call setregid(getgid(), getgid()) to fully
>> drop privileges. When using setgid() the set-group-id is not set.
>
> The current use of setuid() has the same limitation.

It doesn't, at least not on Linux. The superuser is a special case, as
documented by the manpage:

    If the user is root or the program is set-user-ID-root, special
    care must be taken. The setuid() function checks the effective
    user ID of the caller and if it is the superuser, all
    process-related user ID's are set to uid. After this has
    occurred, it is impossible for the program to regain root
    privileges.

Michael
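
The group-ID case discussed in this thread, as an added example that is not part of the original messages or of the program under discussion: a set-group-ID program drops its group with setregid() and then confirms the drop cannot be undone. The helper name drop_group_privilege() is hypothetical, and the saved set-group-ID behaviour described in the comments is the Linux one.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently drop set-group-ID privilege.
 * Returns 0 on success, -1 if the drop failed or could be undone. */
int drop_group_privilege(void)
{
    gid_t rgid = getgid();       /* group of the invoking user */
    gid_t old_egid = getegid();  /* group granted by the setgid bit */

    /* setgid(rgid) from an unprivileged process changes only the
     * effective GID; the saved set-group-ID still holds old_egid.
     * setregid() with the real GID supplied also overwrites the
     * saved set-group-ID with the new effective GID (Linux). */
    if (setregid(rgid, rgid) != 0)
        return -1;

    /* Never assume the call did what was asked: re-read the IDs. */
    if (getgid() != rgid || getegid() != rgid)
        return -1;

    /* Verify: switching back must now fail. Skipped when nothing was
     * dropped, and for root, which may set any GID regardless. */
    if (old_egid != rgid && geteuid() != 0 && setegid(old_egid) == 0)
        return -1;

    return 0;
}

int main(void)
{
    if (drop_group_privilege() != 0) {
        fprintf(stderr, "failed to drop group privilege\n");
        return 1;
    }
    printf("rgid=%ld egid=%ld\n", (long)getgid(), (long)getegid());
    return 0;
}
```

In a program that is also set-user-ID, the group drop has to happen before the user drop, since changing group IDs after root has been given up is no longer permitted.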