From owner-freebsd-current Wed Feb 5 13:40:53 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A600537B405 for ; Wed, 5 Feb 2003 13:40:51 -0800 (PST) Received: from puffin.mail.pas.earthlink.net (puffin.mail.pas.earthlink.net [207.217.120.139]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3347B43F75 for ; Wed, 5 Feb 2003 13:40:51 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from pool0205.cvx21-bradley.dialup.earthlink.net ([209.179.192.205] helo=mindspring.com) by puffin.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 18gXHk-0007Ld-00; Wed, 05 Feb 2003 13:40:49 -0800 Message-ID: <3E41846A.39AAE406@mindspring.com> Date: Wed, 05 Feb 2003 13:38:50 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Anoop Ranganath Cc: freebsd-current@freebsd.org Subject: Re: tmpfile breakage on setuid executables References: <00e201c2cd5b$14f31c30$0c02040a@ranganath> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4090534ee10a6c2583511a66d06119421a2d4e88014a4647c350badd9bab72f9c350badd9bab72f9c Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Anoop Ranganath wrote: > The problem reared it's ugly head when maildrop started mishandling > mesasges. Here is what I've tracked it down to: > > I've used the code at the bottom of this message to isolate this > bug. The summary is that when I compile the code as root, and then > make it setuid (chmod u+s a.out) and then try to run it as a user, the > tmpfile() fails. If I run it as root, it works fine. Conversely, I > can give user ownership of the executable, and then run it as user, and > it works great, but if fails for root. Again this is only with the > setuid bit set. Probably your real and effective UID's aren't the same. Does your SUID root program set the real UID from the effective UID? -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message