Hi,
When calling getresuid() from a setuid program, ruid and uid are exchanged.
This can make setuid program set the effective uid as real uid too, so that the
user that launched the program can't kill it any more...
I'll attach an obvious fix.
Regards,
Samuel
--
Summary: getresuid has misordered arguments
Product: glibc
Version: 2.3.6
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: samuel dot thibault at ens-lyon dot org
CC: glibc-bugs at sources dot redhat dot com
GCC host triplet: i686-unknown-gnu0.3
http://sourceware.org/bugzilla/show_bug.cgi?id=2329
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.
_______________________________________________
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
