Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: Real and effective userids.
Message-ID: <2529@auspex.auspex.com>
Date: 3 Oct 89 17:59:19 GMT
References: <288@bmers58.UUCP> <2204@hydra.gatech.EDU> <1219@virtech.UUCP> <291@bmers58.UUCP>
Reply-To: guy@auspex.auspex.com (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 26

>This is intuitively the way things should work, but when I open a file
>from within a setuid program it appears to enforce the access rights of
>the real userid and not those of the effective userid. Why is this?

Because either:

	1) your UNIX implementation is broken;

	2) the program that does the open also calls "access" to check
	   whether it's really allowed to open the file or not;

	3) the program uses "setuid()" or whatever to relinquish its
	   set-UID privileges before opening the file;

	4) your program really isn't running set-UID for some reason;

	5) you're misinterpreting what's actually happening.

On non-broken UNIX implementations, the "open" call uses the effective
UID to enforce access rights.  Try a trivial set-UID program that prints
the real and effective UIDs, and then just opens a specified file,
reporting success or failure (use "perror" to report failure), and
closes the file, doing nothing else.  If *that* acts as if it's using
the real UID to check permissions, and the printout reports that it is,
in fact, set-UID to the UID to which it should be set-UID, 1) is the
most likely cause....