arrom@aplcen.apl.jhu.edu (Ken Arromdee) (04/13/89)
I posted this before on jhunix, but I don't know if it got out; an apology if
you got 2 copies of this.
I have a program which is run setuid. I want to set the uid back to the
original before exec'ing a shell. It doesn't work. The following illustrates
the problem (it's run on an AT&T 3B4000 with SYSV). (uids is just a small
program to print out one's real and effective uids).
--------------------------------------------------------------
% uids
Real: user 7943 (ins_akaa), group 2048
Effective: user 7943 (ins_akaa), group 2048
% cd /s/adev/src/h/src
% cat test.c
extern unsigned short getuid();
extern unsigned short geteuid();
main()
{
printf("Before setuid(getuid())\n");
printf("Real UID=%d; effective UID=%d\n",
(int)getuid(), (int)geteuid());
setuid(getuid());
printf("After setuid(getuid())\n");
printf("Real UID=%d; effective UID=%d\n",
(int)getuid(), (int)geteuid());
execl("/bin/sh", "sh", 0);
}
% ls -l a.out
-rwsr-xr-x 1 adev 210 19905 Apr 10 23:10 a.out*
% a.out
Before setuid(getuid())
Real UID=7943; effective UID=210
After setuid(getuid())
Real UID=7943; effective UID=7943
% uids
Real: user 7943 (ins_akaa), group 2048
Effective: user 210 (adev), group 2048
% %
--------------------------------------------------------------
Note that setuid(getuid()) seems to work, but the effective uid somehow gets
set back when I do the execl().
--
EARTH | --Kenneth Arromdee
smog | bricks | UUCP: ....!jhunix!ins_akaa
AIR mud FIRE| INTERNET: arromdee@crabcake.cs.jhu.edu
soda water | tequila | BITNET: g49i0188@jhuvm
WATER |(please, no mail to arrom@aplcen)
Element chart from "Science Made Stupid". (The chart seems rather popular...)
arrom@aplcen.apl.jhu.edu (Ken Arromdee) (04/13/89)
This was supposed to go to comp.unix.questions, not unix-wizards. Please don't flame me; I _do_ know better. (And if you post a reply to it, please change the group as appropriate).
bes@holin.ATT.COM (Bradley Smith) (04/14/89)
In article <1022@aplcen.apl.jhu.edu>, arrom@aplcen.apl.jhu.edu (Ken Arromdee) writes:
# I have a program which is run setuid. I want to set the uid back to the
# original before exec'ing a shell. It doesn't work. The following illustrates
# the problem (it's run on an AT&T 3B4000 with SYSV). (uids is just a small
# program to print out one's real and effective uids).
# --------------------------------------------------------------
# % uids
# Real: user 7943 (ins_akaa), group 2048
# Effective: user 7943 (ins_akaa), group 2048
# % cd /s/adev/src/h/src
# % cat test.c
[stuff deleted]
# % ls -l a.out
# -rwsr-xr-x 1 adev 210 19905 Apr 10 23:10 a.out*
# % a.out
# Before setuid(getuid())
# Real UID=7943; effective UID=210
# After setuid(getuid())
# Real UID=7943; effective UID=7943
# % uids
# Real: user 7943 (ins_akaa), group 2048
# Effective: user 210 (adev), group 2048
I tried it (wrote a uids program) and did not see this results on a 3B4000
running 3.1.5 release of UNIX.
--
Bradley Smith
Computer Systems Offer Integration Laboratory
AT&T Bell Labs, Holmdel, NJ
201-949-0090 att!holin!bes or bes@holin.ATT.COM