Xref: utzoo unix-pc.general:1066 comp.sys.att:3739
Path: utzoo!utgpu!water!watmath!clyde!whuts!mhuxh!mhuxu!mhuxt!mhuxi!mhuhk!mhuxo!ulysses!andante!alice!wilber
From: wilber@alice.UUCP
Newsgroups: unix-pc.general,comp.sys.att,att.sys.unixpc
Subject: Re: Two more 3b1 software bugs (collect all 500!)
Keywords: correction to setuid(2) bug report
Message-ID: <8034@alice.UUCP>
Date: 11 Jul 88 02:09:47 GMT
Organization: AT&T Bell Laboratories, Murray Hill NJ
Lines: 19

I wrote:
>I have a program that is run suid to "foo", where foo != root.
>It has code that looks like this:
>
>  real_uid = getuid(); /* The effective user ID is still "foo". */
>  .
>  .
>  setuid(uid); /* Now the real and effective user IDs are both real_uid. */

Of course that last line should be

  setuid(real_uid); /* Now the real and effective user IDs are both
                       real_uid. */

(And no, that doesn't fix the problem -- only my description of the bug was
in error, the bug is really there.)

Bob Wilber   Work: UUCP: {allegra, mtune, ihnp4}!gauss!wilber
                   ARPA: wilber@research.att.com