Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!uunet!auspex!guy From: guy@auspex.auspex.com (Guy Harris) Newsgroups: comp.unix.wizards Subject: Re: Real and effective userids. Message-ID: <2529@auspex.auspex.com> Date: 3 Oct 89 17:59:19 GMT References: <288@bmers58.UUCP> <2204@hydra.gatech.EDU> <1219@virtech.UUCP> <291@bmers58.UUCP> Reply-To: guy@auspex.auspex.com (Guy Harris) Organization: Auspex Systems, Santa Clara Lines: 26 >This is intuitively the way things should work, but when I open a file >from within a setuid program it appears to enforce the access rights of >the real userid and not those of the effective userid. Why is this? Because either: 1) your UNIX implementation is broken; 2) the program that does the open also calls "access" to check whether it's really allowed to open the file or not; 3) the program uses "setuid()" or whatever to relinquish its set-UID privileges before opening the file; 4) your program really isn't running set-UID for some reason; 5) you're misinterpreting what's actually happening. On non-broken UNIX implementations, the "open" call uses the effective UID to enforce access rights. Try a trivial set-UID program that prints the real and effective UIDs, and then just opens a specified file, reporting success or failure (use "perror" to report failure), and closes the file, doing nothing else. If *that* acts as if it's using the real UID to check permissions, and the printout reports that it is, in fact, set-UID to the UID to which it should be set-UID, 1) is the most likely cause....