[uw.unix] setting permissions

lindsay@watnext.waterloo.edu (08/19/89)

From: Lindsay Patten <lindsay@watnext>

The following program illustrates how to do what I think you
want to do.  Chown it to root and chmod it.

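#include <stdio.h>
#include <unistd.h>

int main(void)
{
	/* Installed set-uid: ruid is the invoking user, euid is the file's owner. */
	printf("ruid = %d, euid = %d\n", (int)getuid(), (int)geteuid());
	/* chroot() needs root, so it is called before the euid is given up. */
	if (chroot("/tmp"))
		perror("chroot");
	/* Set the effective uid to the real uid. */
	if (seteuid(getuid()))
		perror("seteuid");
	/* The path is resolved relative to the new root. */
	if (fopen("/tmp/test", "w") == NULL)
		perror("fopen");
	printf("ruid = %d, euid = %d\n", (int)getuid(), (int)geteuid());
	return 0;
}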

By using chmod u+s the euid gets set to the owner of the file,
the ruid remains that of the real user.  After the seteuid(getuid())
call the process will have
	euid == ruid == (uid of process that called the program)
and will be unable to ever regain its setuid status.  Thus there
is no security risk provided the program itself is not tampered with.
The file will appear in /tmp/tmp/test.

Cheers,
	Lindsay
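
The same chroot-then-drop sequence with the drop made permanent and checked, as an added example that is not part of the original post. It assumes a system with saved set-user-IDs, where seteuid() changes only the effective UID, so it calls setuid() and then confirms that the old effective IDs cannot be restored; the function names are made up for this example.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Give up set-uid/set-gid privileges for good and prove it.
 * Returns 0 only if the old effective IDs can no longer be restored. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the UID drop we may not be allowed to change it. */
    if (setgid(rgid) != 0) { perror("setgid"); return -1; }
    /* With euid 0, setuid() sets the real, effective and saved UID together. */
    if (setuid(ruid) != 0) { perror("setuid"); return -1; }

    /* Verification: switching back to the old IDs must fail now. */
    if (old_egid != rgid && setegid(old_egid) == 0) return -1;
    if (old_euid != ruid && seteuid(old_euid) == 0) return -1;
    if (geteuid() != ruid || getegid() != rgid) return -1;
    return 0;
}

/* Enter the jail while still privileged, then drop. chdir() comes first so
 * the working directory is inside the new root. */
int confine_and_drop(const char *dir)
{
    if (chdir(dir) != 0) { perror("chdir"); return -1; }
    if (chroot(".") != 0) { perror("chroot"); return -1; }
    return drop_privileges_permanently();
}

int main(void)
{
    printf("before: ruid = %d, euid = %d\n", (int)getuid(), (int)geteuid());
    if (confine_and_drop("/tmp") != 0) {
        fprintf(stderr, "could not confine and drop privileges, exiting\n");
        return 1;
    }
    printf("after:  ruid = %d, euid = %d\n", (int)getuid(), (int)geteuid());
    return 0;
}
```

Installed as the post describes (owned by root, mode u+s) it prints matching IDs on the second line; run without privilege, chroot() fails and the program exits instead of continuing outside the jail.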