Date: Wed, 5 Feb 2003 17:28:54 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Terry Lambert <tlambert2@mindspring.com> Cc: Anoop Ranganath <anoop@ranganath.com>, freebsd-current@freebsd.org Subject: Re: tmpfile breakage on setuid executables Message-ID: <20030205232854.GC86606@opus.celabo.org> In-Reply-To: <3E419743.6144BE0B@mindspring.com> References: <00e201c2cd5b$14f31c30$0c02040a@ranganath> <3E41846A.39AAE406@mindspring.com> <015c01c2cd60$7b6dc0a0$0c02040a@ranganath> <3E418C3C.F4B99C78@mindspring.com> <3E419743.6144BE0B@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 05, 2003 at 02:59:15PM -0800, Terry Lambert wrote: > Terry Lambert wrote: > > We need to know how we think it's supposed to work, not how you > > think it's supposed to work to determine if the error is in the > > code OR in the fact some old bug was fixed going from 4.7->5.0, > > and the fix is biting you, OR it's a real bug. > > For anyone who cares: > > Additional information was provided off-list. The problem was > indeed that "setuid(geteuid());" was missing from the program. > > Apparently, there was a bug fixed in 4.7 -> 5.0, where the > effective UID was being tested instead of the real UID. > > This is probably something that someone should MFC. Really? I just took a quick look at this, but I have to shove off for now. In initial tests, I get the different results depending on whether I'm using static or dynamic linking. But maybe it's me, I'll look more carefully later. How about pointing out the bug you found? Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030205232854.GC86606>