We have the following setup for our developers here: There
is a global directory containing all the source files of
our project - they are owned by a special user called 'project'.
People check out/in files from there to their local development
directories with RCS, and after checking them back in we want
the tool to be compiled and linked in the global directory.
Under SunOS (4.1.3) I used a C program as a wrapper, that was set
setuid to the project user and called gmake with a popen(). At the
beginning it called setreuid() to set the uid from the euid -
Now under Solaris (2.) I tried to do the same, but it looks like
the effective user id doesn't survive the fork() - gmake is called
with the real uid of the user who calls the wrapper. I even tried
to use a setuid-copy of gmake - same result.
Does anyone have an idea on how to solve this ?
Another thing - this isn't a security problem, it's just to keep
ownership and permissions of the global files consistent. Anyway,
giving the password of project to all users (so they can 'su' before
calling make) is not an option. Same applies for giving group permissions
to all files and thrust that the people handle their umasks correctly.
University of Vienna, Austria | Tel: 0222/310 56 08/84
Department for Software Technology | Fax: 0222/310 56 08/88
and Parallel Systems | Liechtensteinstrasse 22, A-1090 Wien