develooper Front page | perl.perl5.porters | Postings from February 2011

Re: setuid and serious trouble (Re: Time to update

Thread Previous | Thread Next
Leon Timmermans
February 3, 2011 08:50
Re: setuid and serious trouble (Re: Time to update
Message ID:
On Thu, Feb 3, 2011 at 5:29 PM, Mark Overmeer <> wrote:
> It would be very unexpected to see  setreuid($uid, -1)  do something
> different than  setuid($uid).  The former is to avoid race-conditions
> when uid and euid both have to change.

setuid changes either *all uids* or just the euid, but never only the
ruid. See [1] for an explanation.

> There may be differences between how various
> operating systems interpret the call. We could document these differences
> or at least warn for them.

Yeah, implementations are so diverging that you can barely speak of a
standardized function. A warning for that would be appropriate.



Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About