From owner-freebsd-current Wed Feb 5 15:31: 3 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 32A3537B401 for ; Wed, 5 Feb 2003 15:31:02 -0800 (PST) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8DD2943F85 for ; Wed, 5 Feb 2003 15:31:01 -0800 (PST) (envelope-from nectar@celabo.org) Received: from opus.celabo.org (opus.celabo.org [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 20EBB51; Wed, 5 Feb 2003 17:31:01 -0600 (CST) Received: by opus.celabo.org (Postfix, from userid 1001) id 9B63A58D6; Wed, 5 Feb 2003 17:28:54 -0600 (CST) Date: Wed, 5 Feb 2003 17:28:54 -0600 From: "Jacques A. Vidrine" To: Terry Lambert Cc: Anoop Ranganath , freebsd-current@freebsd.org Subject: Re: tmpfile breakage on setuid executables Message-ID: <20030205232854.GC86606@opus.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , Terry Lambert , Anoop Ranganath , freebsd-current@freebsd.org References: <00e201c2cd5b$14f31c30$0c02040a@ranganath> <3E41846A.39AAE406@mindspring.com> <015c01c2cd60$7b6dc0a0$0c02040a@ranganath> <3E418C3C.F4B99C78@mindspring.com> <3E419743.6144BE0B@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3E419743.6144BE0B@mindspring.com> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Feb 05, 2003 at 02:59:15PM -0800, Terry Lambert wrote: > Terry Lambert wrote: > > We need to know how we think it's supposed to work, not how you > > think it's supposed to work to determine if the error is in the > > code OR in the fact some old bug was fixed going from 4.7->5.0, > > and the fix is biting you, OR it's a real bug. > > For anyone who cares: > > Additional information was provided off-list. The problem was > indeed that "setuid(geteuid());" was missing from the program. > > Apparently, there was a bug fixed in 4.7 -> 5.0, where the > effective UID was being tested instead of the real UID. > > This is probably something that someone should MFC. Really? I just took a quick look at this, but I have to shove off for now. In initial tests, I get the different results depending on whether I'm using static or dynamic linking. But maybe it's me, I'll look more carefully later. How about pointing out the bug you found? Cheers, -- Jacques A. Vidrine http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message