1. UID / effective UID problem
Hi,
Consider a user U, programs A which is set-uid A, program B is set-uid B.
U, A, and B are all simple mortals. No root-privilege.
Now, U calls A. As part of it's job, A fork/execs B. U should not need to
know that B is involved.
So we have
real UID effective UID saved-set-UID
-------------------------------------------------------------
U's shell U U U
program A U A A
program B U B B
A 'knows' its user U calling, and can check his credentials in , say, A.allow.
I want B to be able to authorize A using it's B.allow. But it can't! It can't
tell that its being called by A.
It does know the original caller was U, but in my situation that's irrelevant.
So, I studied Steven's 'Advanced Programming in the Unix Environment', section
8.10. to find out that BSD has a setreuid(), which can swap the real and
effective uid.
All other calls don't seem to help in this particular problem.
Now it looks like this:
real UID effective UID saved-set-UID
-------------------------------------------------------------
U's shell U U U
program A U A A
setreuid(..) A U A
program B A B B
That's exactly what I want! B can now whether A has the right to call B.
U is no longer visible!
Great. But *sigh*, it's not in XPG4, which is our portability goal.
So here's the question:
How can B tell it's A calling, using stuff available in Xopen XPG4 ??
Any hints are very much appreciated!
--
Ideta, 6 Frankemaheerd, 1102 AN Amsterdam, the Netherlands
My opinions are my own, not necessarily my boss's.
Everything's relative - absolutely.
2. CS46xx LFE and Center and Rear Speaker support
3. effective UID vs. Real UID with su - problem
4. Help with Exabyte drive!!!
5. setuid to a non-root uid for both effective&real uid
6. I killed my FTP Server!?
7. Set effective uid?
8. Encounter problem with unix98 ptys
9. problems setting effective UID
10. man: can't set effective UID ???
11. Effective and Real UID and GID
12. Spawning shells with different effective uid's
13. Switching effective UID based on authentication
by