Is this brokenness in $< $( $> & $) ?

For some reason I haven't been able to fathom,
    $) = $EGID;
    $> = $EUID;
is NOT the equivalelent of
    ($), $>) = ($EUID, $EGID);
when running a setuid-root script, at least on Solaris and I suspect on all 
platforms which support setreuid/setregid.  In the list assignment case, 
perl uses setreuid/setregid instead of serial calls to seteuid/setegid and 
it gets the first parameter wrong:

setreuid(37845, 37845)				= 0
:
setregid(10, 10)				= 0

In this case, by specifying the uid of the invoking user as the first 
parameter, perl is giving up root privilege, and therefore the ability to 
set the euid/egid back to root at some future point.  Am I going mad, or is 
this broken?  I can't see why a list assignment should result in different 
system calls to a serial assignment.

According to the setreuid/setregid manpages, the first parameter (real 
uid/gid) should be -1 to specify 'no change'.  Either that, or perl should 
use seteuid/setegid instead of setreuid/setregid, which is what is does in 
the serial assignment case.

-- 
Alan Burlison
--

• Is this brokenness in $< $( $> & $) ? by Alan Burlison
• [PATCH bleadperl] (was Re: Is this brokenness in $< $( $> & $) ?) by Rick Delaney
• Re: [PATCH bleadperl] (was Re: Is this brokenness in $< $( $> & $) ?) by Alan Burlison
• Re: [PATCH bleadperl] (was Re: Is this brokenness in $< $( $> & $) ?) by Rick Delaney
• Re: [PATCH bleadperl] (was Re: Is this brokenness in $< $( $> & $) ?) by Rafael Garcia-Suarez
• Re: [PATCH bleadperl] (was Re: Is this brokenness in $< $( $> & $) ?) by Rick Delaney
• Re: Is this brokenness in $< $( $> & $) ? by Rick Delaney