Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: question about setting UIDs

X-seq: zsh-users 8039
From: Peter Stephenson <pws@xxxxxxx>
To: Zsh Users <zsh-users@xxxxxxxxxx>
Subject: Re: question about setting UIDs
Date: Tue, 05 Oct 2004 18:45:37 +0100
In-reply-to: <20041005140008.GA12761@xxxxxx>
Mailing-list: contact zsh-users-help@xxxxxxxxxx; run by ezmlm
References: <20041005140008.GA12761@xxxxxx>

Dominik Vogt wrote:
> In zsh, I can overwrite the UID, EUID varaibles to change the user
> ids under which the script runs.  From the man page it is not
> clear under which circumstances the saved uid is adjusted.  I.e.
> can the script switch back return to the original UID/EUID?

It's also not obvious from the manual, but actually this facility is a
trivial wrapper around setuid() and seteuid().  So you can do exactly
what your system documentation tells you you can.  I suspect your
experience is typical.

A quick glance at the latest standards at the Open Group web site shows
that for seteuid(),

  If uid is equal to the real user ID or the saved set-user-ID, or if
  the process has appropriate privileges, seteuid() shall set the
  effective user ID of the calling process to uid; the real user ID and
  saved set-user-ID shall remain unchanged.

Unfortunately, "appropriate privileges" appear to be implementation
defined.  However, the fact that the real user ID is never altered may
be significant.

For setuid(), the description suggests it reflects "historical
behaviour" and shouldn't be used, but the wording sort of implies it's
likely to be irreversible, i.e. it changes everything in sight and you
will no longer have "appropriate privileges".  This is a rather folksy
interpretation and I haven't looked in depth.

How vendors have implemented it is another story.

Summary: I dunno.

-- 
Peter Stephenson <pws@xxxxxxx>                  Software Engineer
CSR Ltd., Science Park, Milton Road,
Cambridge, CB4 0WH, UK                          Tel: +44 (0)1223 692070

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************

References:
- question about setting UIDs
  - From: Dominik Vogt

Messages sorted by: Reverse Date, Date, Thread, Author