Subject: Re: Addition to force open to open only regular files
To: Jarom r Dolecek <>
From: Warner Losh <>
List: tech-kern
Date: 11/13/2000 09:17:22
In message <> Jarom r Dolecek writes:
: The "right" uid to use is real uid (one returned by getuid()), isn't it ?

No.  that's the problem.  The program before the library call can set
its real and effective IDs to anything it wants.  Under most cases,
most programs don't do this and what you suggest will work.  It is the
pathological ones where setreuid() gets called where problems start.

A program can call setreuid with two different args than who started
the program (eg setreuid(1, 2)) and then rely on the saved id to get
back to the original euid of the person who ran the program.  NetBSD
supports _POSIX_SAVED_IDS, which means that the above won't touch the
saved uid.

On FreeBSD this may be safe because it doesn't implement
_POSIX_SAVED_IDS because it is unsafe to traditional BSD programs.  At
least according to comments in kern_prot.c.