Subject: re: Addition to force open to open only regular files
To: Matthew Orgass <darkstar@pgh.net>
From: matthew green <mrg@eterna.com.au>
List: tech-kern
Date: 11/24/2000 16:34:35
   
   > setr*[ug]id() don't offer any useful semantics not achievable via
   > other set*[ug]id() and make things difficult for those library routines
   > which need to know the original real id in order to be able to do exploitable
   > things with the id of the user who runs the binary.
   
     This is not true.  In fact, setre[ug]id offers two features not
   available otherwise: 1) root-started programs can pretend they were
   started by another user and/or group, and 2) non-root programs can setuid
   to the effective user id.  #1 is valid, but #2 should have been done by
   simply allowing setuid to the effective user id (so they are never
   swapped) and not allowing non-root users to access setreuid.


#1 is incorrect so it doesn't count.
#2 is also incorrect so it doesn't count, either.


you should go understand how 4.4BSD setuid()/seteuid() works and see why
they removed the setr*id() calls completely!  everything works and is
simple with the 4.4BSD calls...


.mrg.