From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25413 invoked from network); 5 Oct 2004 17:47:35 -0000 Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88) by ns1.primenet.com.au with SMTP; 5 Oct 2004 17:47:35 -0000 Received: (qmail 84943 invoked from network); 5 Oct 2004 17:47:29 -0000 Received: from sunsite.dk (130.225.247.90) by a.mx.sunsite.dk with SMTP; 5 Oct 2004 17:47:29 -0000 Received: (qmail 3091 invoked by alias); 5 Oct 2004 17:46:42 -0000 Mailing-List: contact zsh-users-help@sunsite.dk; run by ezmlm Precedence: bulk X-No-Archive: yes X-Seq: 8039 Received: (qmail 3078 invoked from network); 5 Oct 2004 17:46:41 -0000 Received: from unknown (HELO a.mx.sunsite.dk) (130.225.247.88) by sunsite.dk with SMTP; 5 Oct 2004 17:46:41 -0000 Received: (qmail 83591 invoked from network); 5 Oct 2004 17:45:42 -0000 Received: from lhuumrelay3.lnd.ops.eu.uu.net (62.189.58.19) by a.mx.sunsite.dk with SMTP; 5 Oct 2004 17:45:40 -0000 Received: from MAILSWEEPER01.csr.com (mailhost1.csr.com [62.189.183.235]) by lhuumrelay3.lnd.ops.eu.uu.net (8.11.0/8.11.0) with ESMTP id i95Hjev22805 for ; Tue, 5 Oct 2004 17:45:40 GMT Received: from EXCHANGE02.csr.com (unverified [192.168.137.45]) by MAILSWEEPER01.csr.com (Content Technologies SMTPRS 4.3.12) with ESMTP id for ; Tue, 5 Oct 2004 18:44:40 +0100 Received: from news01.csr.com ([192.168.143.38]) by EXCHANGE02.csr.com with Microsoft SMTPSVC(5.0.2195.6713); Tue, 5 Oct 2004 18:47:48 +0100 Received: from news01.csr.com (localhost.localdomain [127.0.0.1]) by news01.csr.com (8.12.11/8.12.11) with ESMTP id i95HjciU017656 for ; Tue, 5 Oct 2004 18:45:38 +0100 Received: from csr.com (pws@localhost) by news01.csr.com (8.12.11/8.12.11/Submit) with ESMTP id i95HjcYW017653 for ; Tue, 5 Oct 2004 18:45:38 +0100 Message-Id: <200410051745.i95HjcYW017653@news01.csr.com> X-Authentication-Warning: news01.csr.com: pws owned process doing -bs To: Zsh Users Subject: Re: question about setting UIDs In-reply-to: <20041005140008.GA12761@gmx.de> References: <20041005140008.GA12761@gmx.de> Date: Tue, 05 Oct 2004 18:45:37 +0100 From: Peter Stephenson X-OriginalArrivalTime: 05 Oct 2004 17:47:48.0600 (UTC) FILETIME=[6DA50780:01C4AB03] X-Spam-Checker-Version: SpamAssassin 2.63 on a.mx.sunsite.dk X-Spam-Level: X-Spam-Status: No, hits=0.0 required=6.0 tests=none autolearn=no version=2.63 X-Spam-Hits: 0.0 Dominik Vogt wrote: > In zsh, I can overwrite the UID, EUID varaibles to change the user > ids under which the script runs. From the man page it is not > clear under which circumstances the saved uid is adjusted. I.e. > can the script switch back return to the original UID/EUID? It's also not obvious from the manual, but actually this facility is a trivial wrapper around setuid() and seteuid(). So you can do exactly what your system documentation tells you you can. I suspect your experience is typical. A quick glance at the latest standards at the Open Group web site shows that for seteuid(), If uid is equal to the real user ID or the saved set-user-ID, or if the process has appropriate privileges, seteuid() shall set the effective user ID of the calling process to uid; the real user ID and saved set-user-ID shall remain unchanged. Unfortunately, "appropriate privileges" appear to be implementation defined. However, the fact that the real user ID is never altered may be significant. For setuid(), the description suggests it reflects "historical behaviour" and shouldn't be used, but the wording sort of implies it's likely to be irreversible, i.e. it changes everything in sight and you will no longer have "appropriate privileges". This is a rather folksy interpretation and I haven't looked in depth. How vendors have implemented it is another story. Summary: I dunno. -- Peter Stephenson Software Engineer CSR Ltd., Science Park, Milton Road, Cambridge, CB4 0WH, UK Tel: +44 (0)1223 692070 ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **********************************************************************