Subject: re: Addition to force open to open only regular files
To: Jarom r Dolecek <>
From: matthew green <>
List: tech-kern
Date: 11/13/2000 18:10:06
   But this doesn't matter in this context, right ? The real user has
   no control about how the suid binary calls setuid()/seteuid(). If the
   binary ends up with both effective and real uid the more privileged
   one, the program has security problem on it's own.

the problem is that the *library* has no idea what the program has done,
therefore can not know what uid is the right one to use for the operation
at hand...