Re: setreuid(2)?

2022-11-08 Thread Robert Elz
Date: Mon, 7 Nov 2022 23:45:55 -0500 (EST)
From: Mouse
Message-ID: <202211080445.xaa10...@stone.rodents-montreal.org>

| What am I missing?

Nothing.

Using the saved id's is only an alternative (and really, a fairly miserable one - a security nightmare, though recent

Re: setreuid(2)?

2022-11-08 Thread Mouse
>> What am I missing?

> Nothing.

> Using the saved id's is only an alternative ([...]) if the sole aim
> of using setreuid() ([...]) is to allow a setuid process perform some
> operations as the real uid, and then revert to the effective uid once
> those are done.

OK, so the real problem is that

Re: setreuid(2)?

2022-11-08 Thread Mouse
I wrote

> OK, so the real problem is that the [setreuid] manpage overstates the
> case for its obsolescence. I'll file a PR.

Apparently I won't. My mail bounced "too many hops"; there seems to be a loop somewhere in there. If someone can tell me a useful place to send it, I can pass the bounce

Re: setreuid(2)?

2022-11-08 Thread RVP
On Mon, 7 Nov 2022, Mouse wrote:

used in new code". But I must be missing something, because I can't see any way to exploit the functionality described there, including the saved IDs, to get the effect I want...short of creating an executable

I don't use seteuid(), but, it looks like you can