develooper Front page | perl.perl5.porters | Postings from February 2011

Re: setuid and serious trouble (Re: Time to update POSIX.pm?)

Thread Previous | Thread Next
From:
Leon Timmermans
Date:
February 3, 2011 08:50
Subject:
Re: setuid and serious trouble (Re: Time to update POSIX.pm?)
Message ID:
AANLkTi=GeSezZdYhf1s2B-q1=L18TCVsKGT5jg90oNgG@mail.gmail.com
On Thu, Feb 3, 2011 at 5:29 PM, Mark Overmeer <mark@overmeer.net> wrote:
> It would be very unexpected to see  setreuid($uid, -1)  do something
> different than  setuid($uid).  The former is to avoid race-conditions
> when uid and euid both have to change.

setuid changes either *all uids* or just the euid, but never only the
ruid. See [1] for an explanation.

> There may be differences between how various
> operating systems interpret the call. We could document these differences
> or at least warn for them.

Yeah, implementations are so diverging that you can barely speak of a
standardized function. A warning for that would be appropriate.

Leon

[1]: http://pubs.opengroup.org/onlinepubs/009695399/functions/setuid.html

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About