Subject: Re: Addition to force open to open only regular files
To: matthew green <>
From: Jaromír Dolecek <>
List: tech-kern
Date: 11/13/2000 06:11:06
matthew green wrote:
>    Someone had said that there was an example of why seteuid() won't
>    work, but so far haven't forwarded those examples to me.
> OK, the reason here is that with setreuid(), the user can have set
> either of these to any of the possible values available.  the policy

But this doesn't matter in this context, right ? The real user has
no control about how the suid binary calls setuid()/seteuid(). If the
binary ends up with both effective and real uid the more privileged
one, the program has security problem on it's own.

If (getuid() == geteuid()), yuu could safely assume it's the less
privileged one, AFAICS.

Jaromir Dolecek <>
@@@@  Wanna a real operating system ? Go and get NetBSD, damn!  @@@@