Subject: Re: commoning up code that changes uids and gids
To: None <>
From: Christos Zoulas <>
List: tech-kern
Date: 03/04/2003 13:15:01
In article <>,
David Laight <> wrote:
>On Tue, Mar 04, 2003 at 04:20:07PM +1100, matthew green wrote:
>>        *	Why not add setresuid() and setresgid() system calls?
>>    	Other systems (hp-ux, linux (?), etc) have them, and they
>>    	could be useful here too?
>>    	Maybe the "kernel style" / "standard" gurus have comments
>>    	on this one.
>> please don't add these unless you really really really really need to.
>I've misunderstood that as a vote against my do_setu/gid change :-(

Yes, the argument there was to providing native setre{s,g}uid(2),
calls which is not desired as others have pointed out. Providing
the do_setres{u,g}id() functions and implementing all the system
calls in terms of them, improves the security model and IMHO is
desirable from both a centralization point of view, and code size