From: Peter Stephenson <pws@csr.com>
To: Zsh Users <zsh-users@sunsite.dk>
Subject: Re: question about setting UIDs
Date: Tue, 05 Oct 2004 18:45:37 +0100 [thread overview]
Message-ID: <200410051745.i95HjcYW017653@news01.csr.com> (raw)
In-Reply-To: <20041005140008.GA12761@gmx.de>
Dominik Vogt wrote:
> In zsh, I can overwrite the UID, EUID varaibles to change the user
> ids under which the script runs. From the man page it is not
> clear under which circumstances the saved uid is adjusted. I.e.
> can the script switch back return to the original UID/EUID?
It's also not obvious from the manual, but actually this facility is a
trivial wrapper around setuid() and seteuid(). So you can do exactly
what your system documentation tells you you can. I suspect your
experience is typical.
A quick glance at the latest standards at the Open Group web site shows
that for seteuid(),
If uid is equal to the real user ID or the saved set-user-ID, or if
the process has appropriate privileges, seteuid() shall set the
effective user ID of the calling process to uid; the real user ID and
saved set-user-ID shall remain unchanged.
Unfortunately, "appropriate privileges" appear to be implementation
defined. However, the fact that the real user ID is never altered may
be significant.
For setuid(), the description suggests it reflects "historical
behaviour" and shouldn't be used, but the wording sort of implies it's
likely to be irreversible, i.e. it changes everything in sight and you
will no longer have "appropriate privileges". This is a rather folksy
interpretation and I haven't looked in depth.
How vendors have implemented it is another story.
Summary: I dunno.
--
Peter Stephenson <pws@csr.com> Software Engineer
CSR Ltd., Science Park, Milton Road,
Cambridge, CB4 0WH, UK Tel: +44 (0)1223 692070
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************
prev parent reply other threads:[~2004-10-05 17:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-10-05 14:00 Dominik Vogt
2004-10-05 17:45 ` Peter Stephenson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200410051745.i95HjcYW017653@news01.csr.com \
--to=pws@csr.com \
--cc=zsh-users@sunsite.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).