maart@cs.vu.nl (Maarten Litmaath) (06/16/89)
clewis@eci386.uucp (Chris Lewis) writes:
\In article <2733@piraat.cs.vu.nl> maart@cs.vu.nl (Maarten Litmaath) writes:
\...
\>setuid() to either geteuid() or getuid() must ALWAYS succeed. Elementary.
\...
\Maarten's usually right, but in this case he isn't. *Most* versions of
\UNIX (eg: Xenix and SV, but I think BSD may be the opposite) do not allow
\you to setuid() to anything other than getuid() unless geteuid() == 0.

You're right! :-(

\...
\The easiest way to get a mkdir to get the ownership the way you want it
\is to write a setuid root wrapper that invokes mkdir and then chown's
\the created directory to "news" explicitly.
\
\eg, compile and make setuserid root:
\
\    main(argc, argv) int argc; char **argv; {
\        int pid;
\        if ((pid = fork()) == 0)
\            exec("/bin/mkdir", argv[1], 0);
\        while(wait(0) != pid);
\        exec("/bin/chown", "news", argv[1], 0);
\    }
\...

I think I like the following better:

    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>

    #define NEWS    6       /* uid of news */

    char    mkdir[] = "/bin/mkdir";

    int main(int argc, char **argv)
    {
        /* installed setuid root: become news before running mkdir */
        if (setuid(NEWS) == -1) {
            perror("setuid");
            exit(1);
        }
        argv[0] = mkdir;
        execv(mkdir, argv);
        /* only reached if execv() failed */
        perror(mkdir);
        exit(1);
    }

Anyway, thanks for the correction, Chris!
-- 
"I HATE arbitrary limits, especially when |Maarten Litmaath @ VU Amsterdam:
they're small."  (Stephen Savitzky)       |maart@cs.vu.nl, mcvax!botter!maart
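
Added example, not part of the post above and not code from either poster: the same setuid-root mkdir wrapper with the uid switch checked after the fact, confirming that both the real and effective uid changed and that the previous effective uid cannot be taken back. The helper name drop_to_uid is hypothetical; the uid 6 for news and the /bin/mkdir path are taken from the post.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#define NEWS_UID 6              /* uid of news, as given in the post */

/*
 * Switch the process to `target` and confirm the switch is complete.
 * Returns 0 on success, -1 on failure with errno set; on failure the
 * caller must exit rather than continue with an uncertain identity.
 */
int drop_to_uid(uid_t target)
{
    uid_t old_euid = geteuid();

    /* With euid 0 this sets the real, effective and saved uid together.
     * Without euid 0 the kernel refuses a uid the process does not
     * already hold, which is the restriction raised in the thread. */
    if (setuid(target) == -1)
        return -1;

    /* Do not trust the return value alone: check both ids. */
    if (getuid() != target || geteuid() != target) {
        errno = EPERM;
        return -1;
    }

    /* If the identity really changed, the old one must be unreachable. */
    if (old_euid != target && setuid(old_euid) != -1) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    static char mkdir_path[] = "/bin/mkdir";

    if (argc < 2 || drop_to_uid(NEWS_UID) == -1) {
        perror("drop_to_uid");
        return 1;
    }
    argv[0] = mkdir_path;
    execv(mkdir_path, argv);
    perror(mkdir_path);         /* only reached if execv() failed */
    return 1;
}
```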