On Mon, 19 Aug 2002, Rick Cochran wrote:
> Date: Mon, 19 Aug 2002 09:19:11 -0400
> From: Rick Cochran <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: Re: LPRng: Remaining bugs in 3.8.14 build
>
> Villy Kruse wrote:
> > In addition, on AIX you can't ever change real user id, unless you also
> > set effective and saved uid to the same user id at the same time and
> > thereby dropping all superuser privileges and any hope of ever changing
> > back to the original user id. Thus setreuid() won't allow you to change
> > the real user id either without setting the effective uid at the same time.
>
> Many years ago, there was a heated battle about this on comp.unix.aix.
> Apparently, there is an undocumented system call which does what you
> want (There would have to be since this is a necessary function). The
> IBMer steadfastly refused to release the interface details, while others
> expressed their candid opinions of this policy. I remember that the
> piece of software in question at the time was wu-ftpd.
>
> Here is a potentially useful (not sure since I don't know what LPRng is
> trying to do) note I found in Google Groups by searching for 'setreuid
> "comp.unix.aix"':
>
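The following test program and its output may give you an idea of what you
can and can't do. This is AIX 4.1.5. Each line of numbers in the output lists
the effective, real, saved, login and ID_ACCT uid, in that order.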
Villy
root# cat c.c
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <sys/id.h>
/**
#define ID_EFFECTIVE 0x01
#define ID_REAL 0x02
#define ID_SAVED 0x04
#define ID_LOGIN 0x08
#define ID_ACCT 0x10
**/
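/*
 * Print the five user ids of the calling process on one line, in the order
 * effective, real, saved, login, ID_ACCT, as reported by AIX getuidx().
 *
 * getuidx() and the ID_* selectors come from <sys/id.h>.  Each value is cast
 * to int so the argument always matches the %d conversion whatever integer
 * type getuidx() returns; an id that is not set is then printed as -1, as in
 * the recorded output for ID_ACCT.
 */
static void dispuid(void)
{
    int effective = (int)getuidx(ID_EFFECTIVE);
    int real = (int)getuidx(ID_REAL);
    int saved = (int)getuidx(ID_SAVED);
    int login = (int)getuidx(ID_LOGIN);
    int acct = (int)getuidx(ID_ACCT);

    printf("%d %d %d %d %d\n", effective, real, saved, login, acct);
}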
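/*
 * Probe which uid transitions a root process is allowed to make on AIX.
 *
 * Each step attempts one setuidx()/setruid()/setreuid() call, reports a
 * failure with perror(), and then prints the resulting ids with dispuid()
 * (effective, real, saved, login, ID_ACCT).  The "recorded run" mentioned in
 * the comments is the AIX 4.1.5 output shown with this listing.
 *
 * Two points matter to anyone writing privilege-dropping code from this:
 *   - a drop that leaves the saved uid at 0 is reversible, so it does not
 *     remove root from the process;
 *   - a call can return success without changing any id, so the ids must be
 *     re-read after every change rather than inferred from the return value.
 *
 * Must be run as root.  Always returns 0; failures are only reported.
 */
int main(void)
{
    /* Baseline: make sure the process starts with uid 0. */
    if (setuid(0) == -1) {
        perror("setuid(0)");
    }
    dispuid();

    /* Real uid alone: rejected with "Invalid argument" in the recorded run. */
    printf("setuidx(ID_REAL, 227)\n");
    if (setuidx(ID_REAL, 227)) {
        perror("setuidx(ID_REAL, 227)");
    }
    dispuid();

    /* Rejected the same way even when the value equals the current real uid. */
    printf("setuidx(ID_REAL, 0)\n");
    if (setuidx(ID_REAL, 0)) {
        perror("setuidx(ID_REAL, 0)");
    }
    dispuid();

    /*
     * Real and effective together: accepted, but the recorded run shows
     * "227 227 0 0 -1", i.e. the saved uid is still 0.  This is a temporary
     * drop only; code that intends to give up root for good must not stop
     * here.
     */
    printf("setuidx(ID_REAL|ID_EFFECTIVE, 227)\n");
    if (setuidx(ID_REAL | ID_EFFECTIVE, 227)) {
        perror("setuidx(ID_REAL|ID_EFFECTIVE, 227)");
    }
    dispuid();

    /* Confirms the point above: with saved uid 0 the process regains root. */
    printf("setuidx(ID_REAL|ID_EFFECTIVE, 0)\n");
    if (setuidx(ID_REAL | ID_EFFECTIVE, 0)) {
        perror("setuidx(ID_REAL|ID_EFFECTIVE, 0)");
    }
    dispuid();

    /*
     * setruid(): all three calls failed with "Not owner" in the recorded
     * run.  No label is printed before these calls, so in the output they
     * are identified only by their perror() lines.
     */
    if (setruid(0) == -1) {
        perror("setruid(0)");
    }
    dispuid();

    if (setruid(-1) == -1) {
        perror("setruid(-1)");
    }
    dispuid();

    if (setruid(227) == -1) {
        perror("setruid(227)");
    }
    dispuid();

    /* Effective uid alone via setreuid(): "Not owner" in the recorded run. */
    printf("setreuid(0, 227)\n");
    if (setreuid(0, 227) == -1) {
        perror("setreuid(0,227)");
    }
    dispuid();

    printf("setreuid(-1, 227)\n");
    if (setreuid(-1, 227) == -1) {
        perror("setreuid(-1,227)");
    }
    dispuid();

    /* Effective uid is already 0, so nothing changes and no error is shown. */
    printf("setreuid(-1, 0)\n");
    if (setreuid(-1, 0) == -1) {
        perror("setreuid(-1,0)");
    }
    dispuid();

    /*
     * No error was reported for this call in the recorded run, yet the ids
     * stayed "0 0 0 0 -1": the real uid was not changed to 227.  A success
     * return is therefore not proof that the requested id took effect.
     */
    printf("setreuid(227, 0)\n");
    if (setreuid(227, 0) == -1) {
        perror("setreuid(227,0)");
    }
    dispuid();

    /*
     * Real and effective set to the same non-root uid: the recorded run
     * shows "227 227 227 0 -1", so the saved uid follows as well.  Per the
     * discussion in this thread there is no way back to uid 0 after this.
     * The login uid is still reported as 0.
     */
    printf("setreuid(227, 227)\n");
    if (setreuid(227, 227) == -1) {
        perror("setreuid(227,227)");
    }
    dispuid();

    return 0;
}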
root#
root# cc c.c
root# ./a.out
0 0 0 0 -1
setuidx(ID_REAL, 227)
setuidx(ID_REAL, 227): Invalid argument
0 0 0 0 -1
setuidx(ID_REAL, 0)
setuidx(ID_REAL, 0): Invalid argument
0 0 0 0 -1
setuidx(ID_REAL|ID_EFFECTIVE, 227)
227 227 0 0 -1
setuidx(ID_REAL|ID_EFFECTIVE, 0)
0 0 0 0 -1
setruid(0): Not owner
0 0 0 0 -1
setruid(-1): Not owner
0 0 0 0 -1
setruid(227): Not owner
0 0 0 0 -1
setreuid(0, 227)
setreuid(0,227): Not owner
0 0 0 0 -1
setreuid(-1, 227)
setreuid(-1,227): Not owner
0 0 0 0 -1
setreuid(-1, 0)
0 0 0 0 -1
setreuid(227, 0)
0 0 0 0 -1
setreuid(227, 227)
227 227 227 0 -1
root# exit