This is the mail archive of the libc-alpha@cygnus.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

2.0.94: seteuid semantics wrong ?


Dear fellow libc testers,

glibc-2.0.94 implements seteuid(euid) as setreuid(-1, euid).
I think this is wrong, because in 4.4BSD seteuid() never
modifies the saved user ID, whereas setreuid(-1, euid)
sets the saved uid to the new effective uid when the
old effective uid was 0 and the real uid is non-zero
and the new effective uid is not the real uid.

Linux provides a 4.4BSD-compatible setreuid, but
also a new system call, setresuid, that allows the
implementation of a proper 4.4BSD-compatible seteuid
(it has the following comment in the kernel sources:
/*
 * This function implementes a generic ability to update ruid, euid,
 * and suid.  This allows you to implement the 4.4 compatible seteuid().
 */
asmlinkage int sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
).

It would be really nice to have a 4.4BSD seteuid, and incidentally it
would allow Linux users to compile Sendmail out-of-the-box (right
now this is not possible with the beta glibcs, because Sendmail
assumes that _POSIX_VERSION >= 199500L implies a working 4.4BSD
seteuid. Granted, this probably is a bug in Sendmail, but this
is not a reason to invent our own brand new incompatible semantics
for seteuid).

The following patch should solve the problem for Linux. For the BSD
port of glibc, seteuid should be implemented directly in terms of
seteuid(2), which we do not have in Linux.

--- glibc-2.0.94/sysdeps/unix/sysv/linux/seteuid.c.dist	Sun Jan 21 06:57:02 1996
+++ glibc-2.0.94/sysdeps/unix/sysv/linux/seteuid.c	Thu May 28 22:18:28 1998
@@ -1 +1,36 @@
-#include <sysdeps/unix/bsd/seteuid.c>
+/* Copyright (C) 1998 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the GNU C Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.  */
+
+#include <errno.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+extern int setresuid (uid_t, uid_t, uid_t);
+
+int
+seteuid (uid)
+     uid_t uid;
+{
+  if (uid == (uid_t) ~0)
+    {
+      __set_errno (EINVAL);
+      return -1;
+    }
+
+  return setresuid (-1, uid, -1);
+}

I would like to get tests on comments on the above codes. Does
it break anything? If not, I really would like to have it merged
before 2.1.

-- 
    Thomas.Quinot@Cuivre.FR.EU.ORG     <URL:http://Web.FdN.FR/~tquinot/>


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]