> I think you should check the return value of setuid. > > I don't think you can change the uid of a process that easily. > > Otherwise you could also write setuid(0), become root and that would look to > me as a huge security hole. >
You need to be root to "chmod u+s [your_program]" so your program can setuid(). It's a standard Unix/Linux paradigm to run a process with another user privilege. Yes it is a security risk if you don't know what you're doing :) --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
