From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 29060 invoked by alias); 13 Jun 2018 11:50:14 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: List-Unsubscribe: X-Seq: 42993 Received: (qmail 3822 invoked by uid 1010); 13 Jun 2018 11:50:14 -0000 X-Qmail-Scanner-Diagnostics: from mail-yb0-f193.google.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1. Clear:RC:0(209.85.213.193):SA:0(-1.9/5.0):. Processed in 1.287363 secs); 13 Jun 2018 11:50:14 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS,T_DKIM_INVALID autolearn=ham autolearn_force=no version=3.4.1 X-Envelope-From: lists@eitanadler.com X-Qmail-Scanner-Mime-Attachments: | X-Qmail-Scanner-Zip-Files: | DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eitanadler.com; s=0xdeadbeef; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=MNBlbK8xxHVgGlX0roRxgYw4nnoODmLSeq/EQ+eA6Bs=; b=MufOqzTnyhJsSJUEytJMPpn6PK17HfHSmjfo0RubhanzneusTGM1W7u37SBypGNFiz EEJHPb5rKqajhJRvqMpEdSmsxmqafnab2Q3JXZYZJkBhpF9AVENmiabGWTn67LwcEsnf pA2Y73txLWWqqrN8XFrpOItvjcTkv9k2Pld7k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=MNBlbK8xxHVgGlX0roRxgYw4nnoODmLSeq/EQ+eA6Bs=; b=DTJVkVJQINTmnwcCcwCEU/D+KnFg+LlZXrpy70utVRlN5WgMbeFT5KSlKGieGZH1Im oxabcM36JigZR2rlb2mf93Wa5KTqhZCN0QD9WC9+J/9ajfNH24lIYQaLx4sUNtWd8MDD BsEgyHKd9hejLvpJuaI6tx5CYN6xlf0tfYbMlpbwWMbs8TQUAkuwMudj80VdS6A1lPqI KNg72hzRfkqg9401LCTPGpJJ2JEitqcGjLeHNZSnNmlSfEihAJE08VRR2mAQV6d/m0fS peKTSj03lw35pibU1QWhay5NZdgG4LY2VYeWpSjehVxpQDVuypr+Z8JW+bmHIBTCnGZk KIXg== X-Gm-Message-State: APt69E1uzFQX2dOXpxgwIMoXLmBI46D47ZVjx9tZRaCkaypUDA8zirM6 I80uG/rasFVLQQla7wrXniw85rk5/ySYdkTw8MoRFIDD X-Google-Smtp-Source: ADUXVKJELcWsU5mVQHfKJF5+0IewroGQlfb59v6g+1g+3bcCuZFG9ljG/ywM9vjvFWzA8hISO/CaDtJLuNMI1gJe3vU= X-Received: by 2002:a25:8751:: with SMTP id e17-v6mr2131866ybn.194.1528890610072; Wed, 13 Jun 2018 04:50:10 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: From: Eitan Adler Date: Wed, 13 Jun 2018 04:49:39 -0700 Message-ID: Subject: Re: [PATCH] Silence compilation warnings about setuid, setgid To: Sebastian Gniazdowski Cc: Zsh hackers list Content-Type: text/plain; charset="UTF-8" On 7 May 2018 at 04:18, Sebastian Gniazdowski wrote: > Hello, > on a Linux box I see: > Looking at the source, the reported calls are "extra" ones, they are > followed by proper setuid, setgid calls. I've found some way out from this > situation, of using the report value and reporting it (gmail paste, proper > patch is attached): > > #ifdef HAVE_SETUID > - setuid(getuid()); > - setgid(getgid()); While we're touching this code can we please correct the order of setuid and setgid? setgid must be called before setuid. If setuid is called first, on some platforms, it no longer has privs to call setgid aymore. See https://wiki.sei.cmu.edu/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges for additional details -- Eitan Adler