Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Message-Id: <3.0.5.32.20030122220024.007dc9a0@mail.attbi.com>
X-Sender: phumblet AT mail DOT attbi DOT com
Date: Wed, 22 Jan 2003 22:00:24 -0500
To: cygwin-developers AT cygwin DOT com
From: "Pierre A. Humblet" <Pierre DOT Humblet AT ieee DOT org>
Subject: Re: setregid() and setreuid() implementation proposal
In-Reply-To: <20030122174219.GO29236@cygbert.vinschen.de>
References: <20030122173459 DOT GM29236 AT cygbert DOT vinschen DOT de>
 <20030116190119 DOT GD820 AT tishler DOT net>
 <20030117120131 DOT GF1142 AT cygbert DOT vinschen DOT de>
 <20030121183105 DOT GA2128 AT tishler DOT net>
 <20030122104819 DOT GC29236 AT cygbert DOT vinschen DOT de>
 <20030122172252 DOT GA628 AT tishler DOT net>
 <20030122173459 DOT GM29236 AT cygbert DOT vinschen DOT de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

At 06:42 PM 1/22/2003 +0100, Corinna Vinschen wrote:

Back to earth and to the original thread...

>Your code:
>
>    if (rgid != -1)
>      ERROR;
>    return setegid (egid);
>
>My tiny extension:
>
>    if (rgid != -1)
>      if (rgid == egid)
>        return setuid (rgid);
>      ERROR;
>    return setegid (egid);

I think the following is a full implementation. Cygwin doesn't
really care about the real uid, it's just bookkeeping. However
there is a posix requirement that setuid(ruid) must succeed, the
hard part of which would be to change the effective uid.
The only way to know is to do a dry run, that's the first seteuid32
below. The second one is for real. The third is to back out of 
the dry run if needed. Ditto for gid. Neither compiled nor tested.

Pierre

extern "C" int
setreuid32 (__uid32_t ruid, __uid32_t euid)
{
  int ret = 0;
  bool tried;	
  __uid32_t old_euid = myself->uid;

  if ((tried = ruid != ILLEGAL_UID && cygheap->user.real_uid != ruid && euid != ruid))
    ret = seteuid32 (ruid);
  if (!ret && euid != ILLEGAL_UID)
    ret = seteuid32 (euid); 
  if (tried && (ret || euid == ILLEGAL_UID) && seteuid32 (old_euid))
    system_printf ("Cannot restore original euid %u\n", old_euid);
  if (!ret && ruid != ILLEGAL_UID)
    cygheap->user.real_uid = ruid;
  debug_printf ("real: %d, effective: %d", cygheap->user.real_uid, myself->uid);
  return ret;
}