From: utzoo!decvax!genradbo!mitccc!jfw
Newsgroups: net.unix-wizards
Title: Re: Set UID inquiry - (nf)
Article-I.D.: mitccc.287
Posted: Tue Feb  8 17:27:18 1983
Received: Fri Feb 11 07:56:27 1983
References: ima.286

On SUID:  My theory has always been that a SUID program which wishes its
SUIDhood to end with the next exec should have the ability to turn off
the SUIDbit conditionally on the next exec (or should have an execu which
defaultly turns off the bit on exec).  My immediate application for this
idea was to allow users to execute programs in a directory they could
not search -- they would run an intermediate program first, then it
would fork and exec the intermediary program.  Specifically, we have a
program called "games_mgr" here which intercepts requests to play games
to check whether or not it is game time, etc.  I wanted the games
directory to be non-searchable except to user GAMES, but this would
leave the players set to that UID while playing the game (hence, in
Rogue, one types !ln /usr/games/.games/Rogue_ $HOME/Ha_ha, and one can
get around the whole thing).  If games_mgr does the setuid(getuid()),
you lose on the exec (since J.Random.User can't get there).  Hence, I
thought of a system call to tell the kernel to do the setuid(getuid())
upon exec (similar to FIONCLEX).  No, I haven't tried it yet, since it
doesn't seem (here) to have much use aside from that.