Question about a recent change to uidswap.c in the portability snapshot

David Holmes d.holmes at f5.com
Thu Jan 27 07:31:14 EST 2005


A change was recently introduced into uidswap.c to cover the case where
the user is root.  The change is "&& pw->pw_uid != 0 &&".
 
        /* Try restoration of GID if changed (test clearing of saved
gid) */
        if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
            (setgid(old_gid) != -1 || setegid(old_gid) != -1))
                fatal("%s: was able to restore old [e]gid", __func__);

My question is, should this change also be included in the setuid() call
a few lines later?
 
...
 
        /* Try restoration of UID if changed (test clearing of saved
uid) */
        if (old_uid != pw->pw_uid &&   [should change be here also?]
            (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
                fatal("%s: was able to restore old [e]uid", __func__);


David Holmes 
F5 Networks 
d.holmes at f5.com 




More information about the openssh-unix-dev mailing list