On Thu, Dec 12, 2002 at 08:38:27AM +0900, Oohara Yuuma wrote: > On Wed, 11 Dec 2002 14:13:15 -0500, > Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > On Wed, Dec 11, 2002 at 11:07:11AM +0900, Oohara Yuuma wrote: > > > The problem is that there is fakeroot. getuid() == 0 or > > > geteuid() == 0 is not enough. PAM is an overkill. > > > I think seteuid(0) == 0 is the best approach. > > fakeroot (or any other dynamic linker tricks) will not work on set[ug]id > > programs. libc can be trusted here. > Is this Linux specific? (There can be a Hurd port in the sarge release).
Any system which would allow system calls to be spoofed in privileged programs this way would have a gaping security hole. Your program would be the least of its worries. -- - mdz
