Hi,

there's a large number of system programs that use get/setuid() to limit what a non-root user can do (route, killall, ping, etc.).

This may be a really dumb question, but shouldn't they be using get/seteuid() instead, to base their decision on the effective uid? Otherwise setting the setuid flag on the binary has no effect.

For example, setting the setuid flag on ping (so non-root users can use flood pings - I am aware of the security implications, this is for a prototype system that will never go live) does not work - ping checks the real uid instead.

Or is this deliberate? If so, there are other system programs (e.g. reboot) that check the euid instead. (Or is the inconsistency deliberate?)

Can someone shed some light on this?

Thanks,
Lars

--
Lars Eggert <[EMAIL PROTECTED]>
USC Information Sciences Institute
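The two checks the question contrasts, written out as an added C example (not part of the original post and not code from ping or reboot). The function names are hypothetical, and the permanent privilege drop at the end is an addition showing how a setuid program that gates on the real uid usually gives up its elevated id afterwards.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Gate on the REAL uid: who invoked the program. The setuid bit on the
 * binary does not change this value, which is the behaviour the post
 * observes in ping. */
int real_uid_allows(uid_t ruid) { return ruid == 0; }

/* Gate on the EFFECTIVE uid: the privilege the process currently holds.
 * On a setuid-root binary this is 0 for every caller, which is the
 * behaviour the post observes in reboot. */
int effective_uid_allows(uid_t euid) { return euid == 0; }

/* The process is running elevated through the setuid bit when the ids differ. */
int is_setuid_elevated(uid_t ruid, uid_t euid) { return ruid != euid; }

/* Permanently give up setuid-root privilege. Returns 0 on success, -1 on error.
 * With an effective uid of 0, setuid() resets the real, effective and saved
 * ids together, so the elevated id cannot be restored later. */
int drop_to_real_uid(void)
{
    uid_t ruid = getuid();

    if (setuid(ruid) != 0)
        return -1;
    /* Verify the drop: a non-root invoker must not be able to get root back. */
    if (ruid != 0 && seteuid(0) == 0)
        return -1;
    return geteuid() == ruid ? 0 : -1;
}

int main(void)
{
    uid_t ruid = getuid(), euid = geteuid();

    printf("real uid=%ld effective uid=%ld setuid-elevated=%d\n",
           (long)ruid, (long)euid, is_setuid_elevated(ruid, euid));
    printf("real-uid gate:      %s\n", real_uid_allows(ruid) ? "allow" : "deny");
    printf("effective-uid gate: %s\n", effective_uid_allows(euid) ? "allow" : "deny");

    if (drop_to_real_uid() != 0) {
        perror("drop_to_real_uid");
        return 1;
    }
    printf("after drop: effective uid=%ld\n", (long)geteuid());
    return 0;
}
```

Run by an ordinary user from a setuid-root copy, the real-uid gate prints "deny" and the effective-uid gate prints "allow", which is the difference the post describes.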