Subject: Re: commoning up code that changes uids and gids
To: NetBSD Kernel Technical Discussion List <tech-kern@netbsd.org>
From: None <kpneal@pobox.com>
List: tech-kern
Date: 03/06/2003 20:36:58
On Thu, Mar 06, 2003 at 05:46:57PM -0500, Greg A. Woods wrote:
> [ On Thursday, March 6, 2003 at 18:02:44 (+0700), Robert Elz wrote: ]
> > #include <stdlib.h>
> > #include <unistd.h>
> > 
> > int
> > main(void)
> > {
> > 	uid_t uid = getuid();
> > 	uid_t eid = geteuid();
> > 
> > 	setreuid(eid, uid);	/* swap: run with the real uid as effective */
> > 	/* nothing done here */
> > 	setreuid(uid, eid);	/* swap back */
> > 	exit(0);
> > }
> > 
> > Do you want to revise your "never" ??
> 
> Nope, definitely not.
 
> I.e. that "nothing done here" comment does not imply that the OS and its
> other process contexts won't be able to do something significant between
> those system calls, including something which affects that process.
> Certainly such an artificial example makes it extremely difficult to
> trigger an exploit attempt at the proper time, and it narrows the range
> of potentially successful exploit types because of the artificial time
> pressure, but it also clearly does not make it absolutely impossible for
> any exploit to catch it unawares.

Say, is there anything in any Unix standard that requires the above
program be the only schedulable entity in the address space?

Seriously.
-- 
Kevin P. Neal                                http://www.pobox.com/~kpn/
           On the community of supercomputer fans:
"But what we lack in size we make up for in eccentricity." 
  from Steve Gombosi, comp.sys.super, 31 Jul 2000 11:22:43 -0600
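A defender-side counterpart to the quoted program, added here as an example and not code from the thread or from NetBSD: rather than swapping real and effective uid with setreuid() and swapping back (the window the replies above argue can never be made safe, because other threads and signal handlers in the same address space keep running between the two calls), a set-user-ID program that has finished its privileged work drops to the unprivileged uid once, checks each return value, and confirms the result before going on. The helper names ids_equal and drop_privileges_permanently and the choice of target uid are my own; it assumes a POSIX system with setreuid(2).

```c
/* Added example, not code from the thread: drop privileges once and verify
 * the drop, instead of swapping real and effective IDs with setreuid() and
 * swapping back. Assumes a POSIX system with setreuid(2). */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

/* Return 1 if both the real and effective uid are `target`, else 0. */
int
ids_equal(uid_t target)
{
	return getuid() == target && geteuid() == target;
}

/*
 * Permanently switch both real and effective uid to `target`.
 * Returns 0 on success, -1 if a call fails or the drop cannot be confirmed.
 * The privileged window the quoted program leaves open between its two
 * setreuid() calls does not exist here: once this returns 0 there is
 * nothing left to swap back to.
 */
int
drop_privileges_permanently(uid_t target)
{
	uid_t orig_euid = geteuid();

	/*
	 * Setting the real uid with setreuid() also replaces the saved
	 * set-user-ID with the new effective uid, so the old privilege is
	 * gone from all three IDs, not just the effective one.
	 */
	if (setreuid(target, target) != 0) {
		perror("setreuid");
		return -1;
	}

	/* Do not trust the return value alone: re-read the IDs. */
	if (!ids_equal(target))
		return -1;

	/*
	 * If we actually gave something up, confirm it cannot be taken back.
	 * A successful switch back means the drop did not stick.
	 */
	if (orig_euid != target && setreuid(orig_euid, orig_euid) == 0)
		return -1;

	return 0;
}

int
main(void)
{
	/*
	 * Dropping to our own real uid works unprivileged; a set-user-ID
	 * program would pass the uid it intends to keep running as.
	 */
	if (drop_privileges_permanently(getuid()) != 0) {
		fprintf(stderr, "privilege drop failed\n");
		return 1;
	}
	printf("running as uid %ld, euid %ld\n",
	    (long)getuid(), (long)geteuid());
	return 0;
}
```

Run unprivileged, the drop is to the uid the process already has, so every step succeeds and the regain check is skipped; in a real set-user-ID binary the regain check is what tells you whether the saved set-user-ID was really replaced.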