> setuid(geteuid()) seems an obvious no-op to me (unless the calling
> application happens to have euid of root, and in that case it's the
> real user id that's being set, to root) and a test application I wrote
> seems to confirm this.

Your own argumentation above shows you that it is no no-op. Look at your own example: something changes, which is important if you call executables after fork() or with exec*().

Thorsten
The _only_ reason anything changes in my example is because the euid of the calling process happens to be root and the setuid function has special behaviour in that case. Setting the real user id is practically pointless though, as all security checks are made against the euid.

I am thinking about making the run_as_user option set both real and effective user ids more explicitly.

I think one problem we might be having is that you intend seteuid to give the exec'ed program more permissions than it would normally get, and I'm intending the exec'ed program to have fewer permissions than it would normally get. I still don't think that the seteuid works the way you intend it to though.

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
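The two messages above disagree about what setuid(geteuid()) does and about whether run_as_user should set the real uid as well as the effective one. The following program is an added example, not code from the thread or from Linux-PAM; it assumes a Linux/glibc-style system that provides getresuid()/setresuid() (hence the _GNU_SOURCE define). It shows the three uids a process carries, reports whether setuid(geteuid()) would actually change anything for the current identity, and implements the kind of permanent drop the second poster is describing: real, effective and saved uids all set to the target, verified afterwards, so that nothing exec'ed later can climb back.

```c
#define _GNU_SOURCE          /* getresuid/setresuid are a Linux/BSD extension */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Snapshot of the three user ids a process carries: real, effective, saved. */
struct uid_triple { uid_t ruid, euid, suid; };

static struct uid_triple snapshot(void) {
    struct uid_triple t;
    if (getresuid(&t.ruid, &t.euid, &t.suid) != 0)
        t.ruid = t.euid = t.suid = (uid_t)-1;
    return t;
}

/* Returns 1 if setuid(geteuid()) would change nothing for this process.
 * For an unprivileged euid, setuid() only touches the effective id, which is
 * already equal to itself. For euid 0, POSIX also sets the real and saved ids
 * to 0, so it is a no-op only if they are 0 already. */
int setuid_self_is_noop(void) {
    struct uid_triple t = snapshot();
    if (t.euid == 0)
        return (t.ruid == 0 && t.suid == 0);
    return 1;
}

/* Permanent switch to `target`: set real, effective and saved uid together so
 * a later fork()/exec*() child cannot regain the previous identity. Returns 0
 * on success, -1 if the call failed or the switch did not fully take. */
int drop_to_user(uid_t target) {
    if (setresuid(target, target, target) != 0)
        return -1;
    struct uid_triple t = snapshot();
    if (t.ruid != target || t.euid != target || t.suid != target)
        return -1;
    /* If we held root before, regaining it must now be impossible. */
    if (target != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void) {
    struct uid_triple before = snapshot();
    printf("before: ruid=%u euid=%u suid=%u\n",
           (unsigned)before.ruid, (unsigned)before.euid, (unsigned)before.suid);
    printf("setuid(geteuid()) would be a no-op here: %s\n",
           setuid_self_is_noop() ? "yes" : "no");

    /* Demonstration target: our own effective uid (works without root). A
     * real run_as_user implementation would pass the configured user's uid. */
    uid_t target = geteuid();
    if (drop_to_user(target) != 0) {
        perror("drop_to_user");
        return 1;
    }
    struct uid_triple after = snapshot();
    printf("after:  ruid=%u euid=%u suid=%u\n",
           (unsigned)after.ruid, (unsigned)after.euid, (unsigned)after.suid);
    return 0;
}
```

Run unprivileged, the program reports the call as a no-op and the drop as successful; run from a root euid, the "before" line shows the real and saved ids that setuid(geteuid()) would silently promote to 0, which is the change Thorsten is pointing at. The check that setuid(0) fails after the drop is what distinguishes a real privilege drop from one that only moved the effective id and left the saved id behind.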