tar@hilbert.math.ksu.edu (Tim Ramsey) (12/03/90)
I'm running SunOS 4.1 on a SPARCserver 330. I have a setuid root program
that I'm working with. I want it to give up its euid until it does some
final cleanup, where I want to restore the setuid root privs. SunOS 4.1
saves the set-user ID at exec.
Here's a pseudocode snippit:
main() {
...
initialize();
...
cleanup();
...
}
initialize() {
...
setreuid(-1, getuid());
printf("ruid: %d, euid: %d\n", getuid(), geteuid());
}
cleanup() {
setreuid(-1, 0);
printf("ruid: %d, euid: %d\n", getuid(), geteuid());
}
The first printf shows the euid has been set to the ruid. However, ps
shows the UID as 0:
F UID PID PPID CP PRI NI SZ RSS WCHAN STAT TT TIME COMMAND
20008001 0 8841 7404 1 15 0 288 1304 select S p4 0:00 snippit
ofiles, among other programs, shows the process running with uid == mine.
Where is ps getting this? Could it be using the saved set-user ID? The
second setreuid succeeds in setting the euid back to 0.
As a further data point, if I replace the setreuid() in initialize() with
setuid(), ps shows the process running with my uid (which is correct).
However, the setreuid() in cleanup() then fails with EPERM. Replacing
setreuid() with setuid() fails as well.
Can anyone explain what ps is showing me, and why setuid() seems to unset
the saved set-user ID? Please email your responses; I'll post a summary
if asked.
Thanks,
Tim
--
Tim Ramsey (tar@math.ksu.edu) (913) 532-6750 (voice) 532-7004 (FAX)
Department of Mathematics, Kansas State University, Manhattan KS 66506