Semantics of "seteuid(uid)" vs. "setreuid(-1,uid)"
StefanEßer
se at FreeBSD.org
Sun Jun 6 12:47:44 GMT 2004
Any reason, that there is a difference in semantics between:
seteuid(id) vs. setreuid(-1, id) ???
The tests performed on the arguments are different (assuming a
fixed arg of -1 for ruid) in that seteuid does not support the
case of (euid == cr_uid):
seteuid(euid):
euid != oldcred->cr_ruid &&
euid != oldcred->cr_svuid
setreuid(-1, euid):
euid != oldcred->cr_uid &&
euid != oldcred->cr_ruid &&
euid != oldcred->cr_svuid
So seteuid() may fail in cases where setreuid() with a first argument
of -1 succeeds. The test obviously corresponds to POSIX appendix B.4.2.2
as mentioned in the comment in setuid().
Is the difference between seteuid() and setreuid() deliberate ?
I'm asking because I have received a bug report for a port, and it appears
that seteuid() on other systems is indeed equivalent to our setreuid(-1,).
Regards, STefan
More information about the freebsd-hackers
mailing list