On 5/3/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Hi,
I don't understand this piece of code:
if (getuid() == 0 || geteuid() != 0)
Why check if the geteuid() != 0 if we are only wanting to root to run the
block inside the if statement?
getuid returns the real user id, geteuid returns the effective user id.
so the question is:
are we really root?
or are we somebody else who doesn't have root privs?
in either case, it's ok to load modules from weird places. if root is
running X, we trust them. if it's not root, but they don't have euid
== 0, then they can't do any harm, so let them do what they want.
note that the test is broken if X is setuid to some id other than 0.
now you can grab whatever privileges the non-root setuid has.
