[EMAIL PROTECTED] (Paul Jarc) writes:
> I agree - the kernel does not set uid=euid. (It preserves the old
> uid, and sets the new euid according to the file's owner.) I was
> saying something different: if there is a program running in a setuid
> situation (i.e., its real uid is different from its effective uid)
> that changes its real uid to match its effective uid (I'm not claiming
> this happens often), and then runs another program, then that other
> program will have no way of knowing that it is in a setuid situation.

This isn't how we deal with setuid security in the Hurd, however. A
setuid exec is not just an exec where ruid != euid; it's specifically
one which *changes* the euid. This case is detected by fs_exec, and
the filesystem sets the "secure exec" flag. We don't want to change
other execs, because there is no reason to think there is any kind of
security implication for them.