Subject: Re: native issetugid(2)
To: None <email@example.com>
From: Noriyuki Soda <firstname.lastname@example.org>
Date: 04/17/2000 06:06:07
> Though, it really seems as if this can be done *without* a system
> call. ld.aout_so has done this sort of check for a long time
> internally, as does ld.elf_so (I hope :-).
Do you mean the following line in rtld.c?
careful = (uid != euid) || (gid != egid);
This does work for ld.so case, but doesn't work for library.
Because a caller of the library may do seteuid(getuid()) before
calling the library, and then it can do seteuid(0) to regain
it's setuid capability.
This is why issetugid(2) is needed.