zsh-users
* question about setting UIDs
From: Dominik Vogt @ 2004-10-05 14:00 UTC (permalink / raw)
  To: Zsh Users

In zsh, I can overwrite the UID, EUID variables to change the user
ids under which the script runs.  From the man page it is not
clear under which circumstances the saved uid is adjusted.  I.e.
can the script switch back to the original UID/EUID?

When I run a shell or script as root (ruid = euid = svuid = 0),
setting the EUID allows me to switch back:

  $ echo $UID $EUID
  0 0
  $ EUID=1000; echo $UID $EUID
  0 1000
  $ EUID=0; echo $UID $EUID
  0 0

but setting UID does not:

  $ echo $UID $EUID
  0 0
  $ UID=1000; echo $UID $EUID
  1000 1000
  $ UID=0; echo $UID $EUID
  1000 1000

(All on linux-2.6).

Are there any guarantees that

 1) Setting EUID is reversible (at least on systems that have the
    seteuid() system call)?
 2) Setting UID is not reversible (on what kinds of system)?
 
Ciao

Dominik ^_^  ^_^

 --
Dominik Vogt, dominik.vogt@gmx.de


* Re: question about setting UIDs
From: Peter Stephenson @ 2004-10-05 17:45 UTC (permalink / raw)
  To: Zsh Users

Dominik Vogt wrote:
> In zsh, I can overwrite the UID, EUID variables to change the user
> ids under which the script runs.  From the man page it is not
> clear under which circumstances the saved uid is adjusted.  I.e.
> can the script switch back to the original UID/EUID?

It's also not obvious from the manual, but actually this facility is a
trivial wrapper around setuid() and seteuid().  So you can do exactly
what your system documentation tells you you can.  I suspect your
experience is typical.

A quick glance at the latest standards at the Open Group web site shows
that for seteuid(),

  If uid is equal to the real user ID or the saved set-user-ID, or if
  the process has appropriate privileges, seteuid() shall set the
  effective user ID of the calling process to uid; the real user ID and
  saved set-user-ID shall remain unchanged.

Unfortunately, "appropriate privileges" appear to be implementation
defined.  However, the fact that the real user ID is never altered may
be significant.

For setuid(), the description suggests it reflects "historical
behaviour" and shouldn't be used, but the wording sort of implies it's
likely to be irreversible, i.e. it changes everything in sight and you
will no longer have "appropriate privileges".  This is a rather folksy
interpretation and I haven't looked in depth.

How vendors have implemented it is another story.

Summary: I dunno.

-- 
Peter Stephenson <pws@csr.com>                  Software Engineer
CSR Ltd., Science Park, Milton Road,
Cambridge, CB4 0WH, UK                          Tel: +44 (0)1223 692070
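
Added example, not part of either message above: a simplified C model of the setuid()/seteuid() rules that replays the two root-shell transcripts from the question. It assumes "appropriate privileges" means effective UID 0 (Linux without capability changes); cred_t, model_seteuid, model_setuid and reversible are hypothetical names.

```c
/* Simplified model of the setuid()/seteuid() credential rules.
 * Assumption: "appropriate privileges" == effective UID 0. */
#include <stdio.h>

typedef struct { unsigned ruid, euid, suid; } cred_t;  /* real, effective, saved */

/* seteuid(): only the effective UID moves; real and saved IDs stay put,
 * so a process that started as root can still name 0 as its target. */
int model_seteuid(cred_t *c, unsigned uid)
{
    if (c->euid != 0 && uid != c->ruid && uid != c->suid)
        return -1;                      /* EPERM */
    c->euid = uid;
    return 0;
}

/* setuid(): a privileged caller rewrites all three IDs, leaving nothing
 * to switch back to; an unprivileged caller only moves the effective UID. */
int model_setuid(cred_t *c, unsigned uid)
{
    if (c->euid == 0) {
        c->ruid = c->euid = c->suid = uid;
        return 0;
    }
    if (uid != c->ruid && uid != c->suid)
        return -1;                      /* EPERM */
    c->euid = uid;
    return 0;
}

/* Replay "ID=1000" then "ID=0" from a root shell (ruid = euid = suid = 0).
 * Returns 1 if the effective UID is 0 again, i.e. the change was reversible. */
int reversible(int (*set)(cred_t *, unsigned))
{
    cred_t c = { 0, 0, 0 };
    set(&c, 1000);
    set(&c, 0);
    printf("UID=%u EUID=%u saved=%u\n", c.ruid, c.euid, c.suid);
    return c.euid == 0;
}

int main(void)
{
    printf("EUID=1000; EUID=0 -> ");
    int via_seteuid = reversible(model_seteuid);
    printf("UID=1000;  UID=0  -> ");
    int via_setuid = reversible(model_setuid);
    return !(via_seteuid == 1 && via_setuid == 0);
}
```

In this model the EUID path ends at `0 0` and the UID path stays at `1000 1000`, matching the output shown in the question.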


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************


^ permalink raw reply	[flat|nested] 2+ messages in thread
