Jan Rekorajski wrote:
> > One question. Is there any reason why you can't change the euid back
> > again afterwards? This seems more transparent to me. (Some code actually
> > has the real uid set to something other than the effective one while
> > authenticating anyway).
>
> I'm not changing euid. I'm changing only real uid, and no, can't switch
> back, because limits are compared agains current real uid.
Sorry, I meant the uid. In general, its the responsibility of the
application to handle the setting of uids, modules need to be
transparent wrt to this - some modules actually depend on the uid value
to determine who originated the request.
Why can't you do this?:
{
uid_t old_uid = getuid();
setreuid(pwd->pw_uid, -1);
retval = setup_limits(pwd->pw_name, ctrl);
setreuid(old_uid, -1);
}
> > Please file a bug report and then apply your change (with a change to
> > CHANGELOG).
Didn't see the CHANGELOG checkin.
Cheers
Andrew
