wayne@AMES-NAS.ARPA (Wayne Hathaway) (11/06/85)
Apologies if this has gotten through before, but I haven't seen it reflected back ... -------- We have installed Berkeley sockets et al in VAX System V.2, and are running into a particular problem in porting ftpd (the FTP daemon). It seems that this daemon, which starts out as root, first validates the username and password as per the protocol, and then does a setuid to change to that user. Unfortunately, when a request is made that involves opening a data connection, the daemon must access a socket that is "reserved" (under 1024), which requires that it be root! In 4.2BSD this is no problem, due to the setreuid mechanism. But what about System V? We really don't want to have to shoehorn setreuid into System V (due to large changes over Version 7 setuid, among other things), but ... The question: Does anybody know of a version of ftpd that does NOT have this problem? Or some solution we have not thought of? With any assistance being appreciated, I say adthanksvance and go back to other less interesting things ... Wayne Hathaway wayne@ames-nas.arpa {dual,ihnp4,hao,vortex}!ames!amelia!wayne PS: Does anybody know why the System V.2 setuid(2) man page has so little to do with reality? It is a LARGE change over previous versions, and does not agree at all with the code. The reason I ask is that if setuid really worked the way the man page says, we would have no problem!
ron@BRL.ARPA (Ron Natalie) (11/08/85)
In System V R2 they've added: If the effective user ID of the calling process is not super-user, but the saved set-user (group) ID from exec(2) is equal to uid (gid), the effective user (group) ID is set to uid (gid). to setuid. If you have SVR2 you are in luck. -Ron