* Peter Pentchev <[EMAIL PROTECTED]> [001115 09:02] wrote:
> >
> > Well there's setuid for you.
>
> Hmm.. I've also received two private mails so far, pointing me to setuid().
> The problem is, I want to force a new UID on *another* process without
> its knowledge. setuid() only works on the process invoking it, so
> both the 'force' and the 'without its knowledge' part fall by the wayside :(
>
> > What comes to mind is using the cmsg stuff that's normally used to
> > pass file descriptors and authentication information to pass the
> > ability to setuid over to another application over a unix domain
> > pipe. The recieving process would read using recvmsg determine if
> > the passed uid is 'ok' (the kernel would hold it in the proc struct
> > in a temporary), if it 'wanted' this uid it could then call some
> > variation of setuid to switch to this recieved uid.
>
> Yeah; problem is, as I said above, I do not want the receiving process
> to do anything special - just to wake up with a shiny new uid (this
> would probably surprise the hell out of most programs, but oh well :)
Unless this syscall was restricted to root, or a small subset of
uid's it would cause some severe security issues from my point
of view.
--
-Alfred Perlstein - [[EMAIL PROTECTED]|[EMAIL PROTECTED]]
"I have the heart of a child; I keep it in a jar on my desk."
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
