Question about a recent change to uidswap.c in the portability snapshot
David Holmes
d.holmes at f5.com
Thu Jan 27 07:31:14 EST 2005
A change was recently introduced into uidswap.c to cover the case where
the user is root. The change is "&& pw->pw_uid != 0 &&".
/* Try restoration of GID if changed (test clearing of saved
gid) */
if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
fatal("%s: was able to restore old [e]gid", __func__);
My question is, should this change also be included in the setuid() call
a few lines later?
...
/* Try restoration of UID if changed (test clearing of saved
uid) */
if (old_uid != pw->pw_uid && [should change be here also?]
(setuid(old_uid) != -1 || seteuid(old_uid) != -1))
fatal("%s: was able to restore old [e]uid", __func__);
David Holmes
F5 Networks
d.holmes at f5.com
More information about the openssh-unix-dev
mailing list