HP3000-L Archives

July 1997, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Change User-ID
From:
Stan Sieler <[log in to unmask]>
Reply To:
Stan Sieler <[log in to unmask]>
Date:
Thu, 17 Jul 1997 11:39:07 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (37 lines) 
Mark writes:
> After the fork() you can do this to change the userid:
>
>         GETPRIVMODE();
>         setuid(new_uid);
>         GETUSERMODE();
>
> You should only do this after careful validation of the new_uid to make sure
> the PC isn't trying to gain access to unauthorized users.

I recommend encapsulating the above as follows:

   int my_setuid (uid_t new_uid)
      {
      GETPRIVMODE ();
      return setuid (new_uid);
      }

Note the lack of call to GETUSERMODE().  This means that if my_setuid is
called from an already privileged routine, my_setuid will not
incorrectly return in user mode.

Of course, you could also do:

    GETPRIVMODE ();    /* returns CCE if was in user mode */
    need_getusermode_call = (CCODE() == CCE);

    if (setuid (new_uid))
       ...oops, setuid failed...

    if (need_getusermode_call)
       GETUSERMODE ();

--
Stan Sieler                                          [log in to unmask]
                                     http://www.allegro.com/sieler.html

ATOM RSS1 RSS2