OT: X.org bug ( can someone enlighten me ? )

2006-05-03 Thread jamex
Hi,

I don't understand this piece of code:

if (getuid() == 0 || geteuid() != 0)

Why check if the geteuid() != 0 if we are only wanting root to run the
block inside the if statement?

My reasoning is that if geteuid != 0 then the statement evaluates to true
and the code block gets run just like the statement evaluates to true if
the process does have uid of 0. This doesn't make sense to me.

Can anyone draw a better diagram to help me make some sense of this?


James



Re: OT: X.org bug ( can someone enlighten me ? )

2006-05-03 Thread Ted Unangst

On 5/3/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

> Hi,
>
> I don't understand this piece of code:
>
> if (getuid() == 0 || geteuid() != 0)
>
> Why check if the geteuid() != 0 if we are only wanting root to run the
> block inside the if statement?


getuid returns the real user id, geteuid returns the effective user id.
so the question is:
  are we really root?
  or are we somebody else who doesn't have root privs?

in either case, it's ok to load modules from weird places.  if root is
running X, we trust them.  if it's not root, but they don't have euid
== 0, then they can't do any harm, so let them do what they want.

note that the test is broken if X is setuid to some id other than 0. 
now you can grab whatever privileges the non-root setuid has.
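
Added example, not part of the thread and not X.org code: the test from the question evaluated for the id combinations the reply walks through, including the setuid-to-non-root case it calls broken. `strict_check`, the `id_case` table and the sample ids 1000 and 500 are assumptions made for this illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* The test quoted in the thread, with the ids passed in as parameters. */
int thread_check(uid_t ruid, uid_t euid)
{
    return ruid == 0 || euid != 0;
}

/* Hypothetical stricter test (an assumption of this example): allow real
 * root, or a process whose effective ids equal its real ids, i.e. one that
 * gained nothing from a setuid or setgid bit. */
int strict_check(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == 0 || (ruid == euid && rgid == egid);
}

/* Constructed id combinations; 1000 and 500 are arbitrary sample ids. */
struct id_case { const char *label; uid_t ruid, euid; gid_t rgid, egid; };

static const struct id_case cases[] = {
    { "root runs X",                   0,    0,    0,    0    },
    { "user runs non-setuid X",        1000, 1000, 1000, 1000 },
    { "user runs setuid-root X",       1000, 0,    1000, 1000 },
    { "user runs X setuid to uid 500", 1000, 500,  1000, 1000 },
};

int main(void)
{
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        const struct id_case *c = &cases[i];
        printf("%-32s thread=%d strict=%d\n", c->label,
               thread_check(c->ruid, c->euid),
               strict_check(c->ruid, c->euid, c->rgid, c->egid));
    }
    /* The same two tests applied to the ids of this process. */
    printf("%-32s thread=%d strict=%d\n", "this process",
           thread_check(getuid(), geteuid()),
           strict_check(getuid(), geteuid(), getgid(), getegid()));
    return 0;
}
```

The last table row is the case the reply flags: the quoted test passes because the effective uid is not 0, even though the process holds another account's privileges.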