Xref: utzoo unix-pc.general:1066 comp.sys.att:3739 Path: utzoo!utgpu!water!watmath!clyde!whuts!mhuxh!mhuxu!mhuxt!mhuxi!mhuhk!mhuxo!ulysses!andante!alice!wilber From: wilber@alice.UUCP Newsgroups: unix-pc.general,comp.sys.att,att.sys.unixpc Subject: Re: Two more 3b1 software bugs (collect all 500!) Keywords: correction to setuid(2) bug report Message-ID: <8034@alice.UUCP> Date: 11 Jul 88 02:09:47 GMT Organization: AT&T Bell Laboratories, Murray Hill NJ Lines: 19 I wrote: >I have a program that is run suid to "foo", where foo != root. >It has code that looks like this: > > real_uid = getuid(); /* The effective user ID is still "foo". */ > . > . > setuid(uid); /* Now the real and effective user IDs are both real_uid. */ Of course that last line should be setuid(real_uid); /* Now the real and effective user IDs are both real_uid. */ (And no, that doesn't fix the problem -- only my description of the bug was in error, the bug is really there.) Bob Wilber Work: UUCP: {allegra, mtune, ihnp4}!gauss!wilber ARPA: wilber@research.att.com