> setreuid(pwd->pw_uid, pwd->pw_uid);
> setregid(pwd->pw_gid, pwd->pw_gid);
> Is it really necessary? I guess it's a protection in case the program
AFAIK, it is necessary to actually set the effective uid to 0. OTOH I
don't think setresuid is necessary, because the purpose of the setuid
permission flag is indeed to set the saved uid of the process to the
owner of the file once the OS executes it.
Thanks for the review, Chris!
[1]
Nice, thanks for hint.
[2]
Fixed.
[3]
> setreuid( pwd->pw_ uid, pwd->pw_uid); pwd->pw_ gid, pwd->pw_gid);
> setregid(
> Is it really necessary? I guess it's a protection in case the program
AFAIK, it is necessary to actually set the effective uid to 0. OTOH I
don't think setresuid is necessary, because the purpose of the setuid
permission flag is indeed to set the saved uid of the process to the
owner of the file once the OS executes it.