Corrected unix patch

Eric Mertens emertens at galois.com
Wed May 19 12:57:26 EDT 2010


On Wed, 2010-05-19 at 15:53 +0100, Magnus Therning wrote:
> On Mon, May 17, 2010 at 19:21, Eric Mertens <emertens at galois.com> wrote:
> > Hello,
> >
> > It looks like my darcs-fu is a bit rusty. I've attached the patch with
> > all of the changes to this message for adding the missing functions to
> > the unix package
> 
> It was a while ago that I looked into uid/gid issues on Unix, but as I
> remember it it wasn't very straightforward, especially for setting.
> Particularly worrying was that it is fairly easy to get into the
> position where one thinks that the uid/gid has been irreversibly
> changed from root, while in fact this isn't the case.  I also remember
> that the "correct" way of changing uid/gid differed between Unix
> platforms.  A quick look at this patch leads me to believe that this
> hasn't been taken into account.  Am I correct in this?

You are correct that this patch does not attempt to normalize the
differences between platforms. As you've noted, switching userIDs can be
complicated, but it doesn't seem that the unix package goes to great
lengths to normalize all potential differences and having these functions
exported could be a starting point for a higher-level library to support
userID switching more regularly.

> The paper that removed the mist surrounding uid/gid was Setuid Demystified[1].

-- 
Eric Mertens <emertens at galois.com>
Galois, Inc.
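
The concern raised in this thread, believing a uid/gid change is irreversible when it is not, can be caught by checking the result of the drop instead of trusting the return codes. The following is an added example, not code from the patch or from the unix package; the helper name `drop_privileges_checked` is hypothetical, and it uses only the POSIX calls plus `setgroups()`, so it does not normalize platform differences either.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from the patch): switch to uid/gid for good and
 * verify that the old identity cannot be restored.
 * Returns 0 on success, -1 if any step or check fails; callers must treat
 * -1 as fatal, because the process identity is then in an unknown state. */
int drop_privileges_checked(uid_t uid, gid_t gid)
{
    uid_t old_euid = geteuid();
    gid_t old_egid = getegid();

    /* Supplementary groups survive setuid()/setgid(); clear them when
     * leaving root (only root is allowed to change them). */
    if (old_euid == 0 && uid != 0 && setgroups(1, &gid) != 0)
        return -1;
    /* Group first: after the uid change we may no longer be allowed to. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;

    /* Check 1: real and effective IDs are the ones requested. */
    if (getuid() != uid || geteuid() != uid)
        return -1;
    if (getgid() != gid || getegid() != gid)
        return -1;

    /* Check 2: the old effective IDs must not be recoverable. If a saved
     * set-user-ID or set-group-ID still holds the old value, these calls
     * succeed and the "drop" was only temporary. */
    if (old_euid != uid && seteuid(old_euid) == 0)
        return -1;
    if (old_egid != gid && setegid(old_egid) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed demo: "drop" to the IDs already held, so this runs
     * without privileges. */
    int rc = drop_privileges_checked(getuid(), getgid());
    printf("checked drop: %s\n", rc == 0 ? "ok" : "FAILED");
    return rc == 0 ? 0 : 1;
}
```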