Il 10/10/2012 18:23, Stefan Weil ha scritto:
> < 0 would be wrong because it looks like both functions never
> return negative values.
> I just wrote a small test program (see
> below) and called it with different uids with and without root
> rights. This pattern should be fine:
>
> new_uid = setfsuid(uid);
> if (new_uid != 0 && new_uid != uid) {
> return -1;
> }
I didn't really care about this case. I assumed that the authors knew
what they were doing...
What I cared about is: "When glibc determines that the argument is not a
valid group ID, it will return -1 and set errno to EINVAL without
attempting the system call".
I think this would also work:
if (setfsuid(uid) < 0 || setfsuid(uid) != uid) {
return -1;
}
but it seems wasteful to do four syscalls instead of two.
Paolo
