Subject: Re: weird setuid behavior
To: Niels Provos <>
From: Noriyuki Soda <>
List: tech-kern
Date: 01/23/2004 18:11:18
>>> I am a bit puzzled by recent changes (last year) to how setuid works.
>>> Traditionally, it has always been possible as root to call
>>>   seteuid(someid)
>>>   setuid(someid)
>>> This now fails.  The call to seteuid() succeeds but the second call
>>> fails leaving the uid=0 and the euid=someid
>>> Is there some logic behind this behavior?

>> What is your starting condition (euid, ruid, etc.)?  Was the process
>> started from a set-ID binary file?

> Either,
> $ sudo ./application
> or
> $ sudo su -
> # /somewhere/application
> So, euid, ruid, uid == 0 in the latter case.

I tested the program on NetBSD-1.4.2 and NetBSD-1.6_STABLE,
and the setuid(2) call failed on both systems with EPERM.
It failed on Solaris-2.6 and Linux-2.4, too.

Was such a change really made last year?
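
The sequence discussed in this thread, traced through the POSIX rules for seteuid() and setuid(), as an added example that is not part of the original message. It is a user-space model, not kernel code: the struct and function names are illustrative, "appropriate privileges" is assumed to mean euid == 0, and UID 1000 is a constructed sample value.

```c
#include <errno.h>
#include <stdio.h>

/* Model of a process's user IDs (illustrative, not a kernel structure). */
struct ids { unsigned ruid, euid, svuid; };

/* Assumption: "appropriate privileges" is modelled as euid == 0. */
static int privileged(const struct ids *p) { return p->euid == 0; }

/* POSIX seteuid(): changes only the effective UID. */
int model_seteuid(struct ids *p, unsigned uid)
{
    if (!privileged(p) && uid != p->ruid && uid != p->svuid)
        return -EPERM;
    p->euid = uid;
    return 0;
}

/* POSIX setuid(): a privileged caller sets all three IDs; any other caller
 * may only set euid, and only to its real or saved UID. */
int model_setuid(struct ids *p, unsigned uid)
{
    if (privileged(p)) {
        p->ruid = p->euid = p->svuid = uid;
        return 0;
    }
    if (uid != p->ruid && uid != p->svuid)
        return -EPERM;
    p->euid = uid;
    return 0;
}

/* The sequence from the thread: seteuid(someid), then setuid(someid). */
int thread_sequence(struct ids *p, unsigned someid)
{
    int r = model_seteuid(p, someid);
    return r ? r : model_setuid(p, someid);
}

int main(void)
{
    struct ids a = {0, 0, 0}, b = {0, 0, 0};
    unsigned someid = 1000;              /* constructed sample UID */
    int ra = thread_sequence(&a, someid);
    int rb = model_setuid(&b, someid);   /* setuid() alone, while still privileged */
    printf("seteuid+setuid: rc=%d ruid=%u euid=%u svuid=%u\n", ra, a.ruid, a.euid, a.svuid);
    printf("setuid only:    rc=%d ruid=%u euid=%u svuid=%u\n", rb, b.ruid, b.euid, b.svuid);
    return 0;
}
```

In the model, the seteuid() call gives up the privilege that setuid() needs to change the real and saved UIDs, so the process is left with ruid 0 and euid someid; calling setuid() first, while euid is still 0, changes all three.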