I man seteuid in my Linux box, there are two types of errors: ERRORS The seteuid() function shall fail if:
EINVAL The value of the uid argument is invalid and is not supported by the implementation. EPERM The process does not have appropriate privileges and uid does not match the real group ID or the saved set-group- ID. If directly pass 0 in setuid(), EINVAL may not happend If this process is seteuid from root, EPERM may not happend so, I think the check is just a textbook logic check? just call _exit(1) if it fail? -------------------------------------------------- From: "Jeff Trawick" <traw...@gmail.com> Sent: Thursday, January 21, 2010 5:38 AM To: <dev@httpd.apache.org> Subject: [mod_fcgid PATCH] catch errors from setuid()/seteuid() > During the last hackathon, Paul was kind enough to run the clang/llvm > static analysis on mod_fcgid > (http://zeus.kimaker.com/~chip/fcgid-scan/). That pointed out these > setuid()/seteuid() calls that aren't checked prior to running a child. > > The error checking itself is simple enough, but there's an ugly aspect > of the implementation that results in trying to switch effective/real > uids multiple times that I worked around. (See the FIXME text in the > patch. I'm not aware of a simple solution, especially one simple > enough to get into 2.3.5) The seteuid() call would otherwise fail on > subsequent invocations for the same child. > > IIRC Joe thought that the seteuid() wasn't needed at all, but the > setuid() fails without it on Solaris. > > Concerns? > > Is there some reason that testing on Linux and Solaris wouldn't be sufficient? >