Subject: Re: Addition to force open to open only regular files
To: Greg Hudson <ghudson@MIT.EDU>
From: Noriyuki Soda <soda@sra.co.jp>
List: tech-kern
Date: 11/29/2000 21:00:34
>>>>> On Tue, 28 Nov 2000 01:20:12 -0500, Greg Hudson <ghudson@MIT.EDU> said:

ghudson> Even Chris Torek's suggestion that setuid programs should run with the
ghudson> real uid except at specific points doesn't really solve the problem.
ghudson> Say a setuid program needs to get and use Kerberos tickets as root
ghudson> (because it's fetching them from a keytab readable only by root).
ghudson> Using the Kerberos tickets as root involves doing hostname lookups as
ghudson> root.  Doing hostname lookups as root bumps up against the HOSTALIASES
ghudson> problem.

ghudson> (I'm not sure there is a satisfactory solution, other than deciding
ghudson> that library routines shouldn't reference environment variables.  And
ghudson> that would conflict with history and--in some cases--standards, so it
ghudson> doesn't really work either.)

Why aren't you satisfied with the following pseudo code?
(If setreuid() is deprecated, the following code should work.)

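	euid = geteuid();
	if (getuid() != euid)
		seteuid(getuid());	/* drop to the real uid */
	/* open the user-supplied file without the setuid privilege */
	path = getenv("HOSTALIASES");
	fp = path != NULL ? fopen(path, "r") : NULL;
	if (geteuid() != euid)
		seteuid(euid);		/* restore the saved effective uid */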

Do you want to preserve setreuid()? If so, why?
--
soda