Subject: Fw: Re: UID and EUID in xBSD and Linux
To: None <current-users@netbsd.org>
From: Mike M. Volokhov <mishka@apk.od.ua>
List: current-users
Date: 05/24/2004 09:43:12
Excuse me please for hiding our e-mail exchange with Christian Limpach, whose
comments were very helpful. Here is the forwarded message.
+---- Begin forwarded message: ----
|Date: Fri, 21 May 2004 16:57:34 +0300
|From: "Mike M. Volokhov" <mishka@apk.od.ua>
|To: Christian Limpach <chris@pin.lu>
|Subject: Re: UID and EUID in xBSD and Linux
On Wed, 12 May 2004 14:43:40 +0200
Christian Limpach <chris@pin.lu> wrote:
Yes, you're right. Even after installing bash on NetBSD I got the same result
as on Linux with /bin/sh linked to /bin/bash.
Thank you very much!
--
Mishka.
> Hi,
>
> the difference might be system(3) calling /bin/bash on Linux (since /bin/sh
> is linked to /bin/bash) and /bin/sh on NetBSD and I seem to remember that
> bash does some set*id calls. You could try installing ksh on your Linux
> system and make /bin/sh point to it instead of /bin/bash and then rerun your
> tests.
>
> christian
>
> ----- Original Message -----
> From: "Mike M. Volokhov" <mishka@apk.od.ua>
> To: <current-users@netbsd.org>
> Sent: Wednesday, May 12, 2004 9:55 AM
> Subject: UID and EUID in xBSD and Linux
>
>
> > Greetings!
> >
> > I'm faced with the following problem. On my NetBSD and FreeBSD boxes any
> > non-SUID program called via a SUID executable will use the same EUID/EGID
> > as the original (SUID) one. Linux drops these permissions for all called
> > programs. For example, let's assume we have the following files:
> >
> > -rw-r--r-- 1 mishka wheel 389 May 12 10:30 Makefile
> > -rwxr-xr-x 1 mishka wheel 4807 May 12 10:30 nonsuid* (non-SUID executable)
> > -rw-r--r-- 1 mishka wheel 259 Apr 29 17:28 nonsuid.c (source)
> > -rwxr-xr-x 1 mishka wheel 29 Apr 29 17:14 nonsuid.sh* (non-SUID /bin/sh scr.)
> > -rwxr-xr-x 1 mishka wheel 249 Apr 29 17:31 runtest.sh*
> > -rw------- 1 nobody wheel 29 Apr 29 17:01 secret.txt (nobody-owned file)
> > -rwsr-xr-x 1 nobody wheel 4808 May 12 10:30 suid* (SUID executable)
> > -rw-r--r-- 1 mishka wheel 262 Apr 29 17:28 suid.c (source)
> >
> > The 'secret.txt' file is not readable by user mishka. 'runtest.sh' is a
> > shell script which runs all the programs above. 'nonsuid.sh' is a shell
> > script containing only the line "id ; cat secret.txt". The 'suid' program
> > runs 'nonsuid.sh' using the system(3) call and displays the RUID and EUID.
> > The 'nonsuid' program is just like the 'suid' one, but runs 'suid' instead
> > of 'nonsuid.sh'.
> >
> > The output on xBSD is as follows (I've removed groups to shorten it):
> >
> > xbds% ./runtest.sh
> > 1. Plain read of secure file (cat secret.txt)
> > cat: secret.txt: Permission denied
> > 2. Running non-SUID /bin/sh program (./nonsuid.sh)
> > uid=100(mishka) gid=5(operator)
> > cat: secret.txt: Permission denied
> > 3. Running non-SUID via SUID program (./suid)
> > suid.c: ID: 100 EID: 65534
> > uid=100(mishka) euid=65534(nobody) gid=5(operator)
> > This is a secret contest :-)
> > 4. Running non-SUID via SUID, called via non-SUID C program (./nonsuid)
> > nonsuid.c: ID: 100 EID: 100
> > suid.c: ID: 100 EID: 65534
> > uid=100(mishka) euid=65534(nobody) gid=5(operator)
> > This is a secret contest :-)
> >
> > While Linux shows me (mishka's id = 1000, nobody's id = 1001):
> >
> > linux$ ./runtest.sh
> > 1. Plain read of secure file (cat secret.txt)
> > cat: secret.txt: Permission denied
> > 2. Running non-SUID /bin/sh program (./nonsuid.sh)
> > uid=1000(mishka) gid=100(users)
> > cat: secret.txt: Permission denied
> > 3. Running non-SUID via SUID program (./suid)
> > suid.c: ID: 1000 EID: 1001
> > uid=1000(mishka) gid=100(users)
> > cat: secret.txt: Permission denied
> > 4. Running non-SUID via SUID, called via non-SUID C program (./nonsuid)
> > nonsuid.c: ID: 1000 EID: 1000
> > suid.c: ID: 1000 EID: 1001
> > uid=1000(mishka) gid=100(users)
> > cat: secret.txt: Permission denied
> >
> > As you can see, Linux drops the EUID on any child processes, while the
> > xBSDs leave it the same. Which system is more correct in this case?
> >
> > Any help would be appreciated.
> >
> > --
> > Mishka.
> >
+--- End of forwarded message ----
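The behaviour observed in the thread is not a kernel difference: system(3) runs /bin/sh -c, and when /bin/sh is bash, bash notices that the effective uid differs from the real uid and resets the effective uid to the real one (unless started with -p), whereas NetBSD's /bin/sh does no such thing. A set-id program should therefore not leave the decision to whichever shell happens to be installed. The program below is an added example, not code from the thread or from any of the systems it mentions: it drops privilege explicitly and permanently before running a command, and verifies that the old effective IDs cannot be regained. It assumes a POSIX system with /bin/sh; on Linux and FreeBSD it uses setresuid/setresgid so the saved IDs are cleared as well, and elsewhere it falls back to setuid/setgid and relies on the verification step to report a drop that turned out to be only temporary.

```c
#define _GNU_SOURCE          /* setresuid/setresgid prototypes on glibc */
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Render real and effective uid the way the thread's suid.c and nonsuid.c
 * print them ("ID: 100 EID: 65534"). Returns the length of the string. */
int format_ids(char *buf, size_t len)
{
    return snprintf(buf, len, "ID: %lu EID: %lu",
                    (unsigned long)getuid(), (unsigned long)geteuid());
}

/* Irreversibly give up set-uid/set-gid privilege, then verify the drop.
 * Returns 0 on success, -1 if a call fails or privilege can still be regained. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), euid = geteuid();
    gid_t rgid = getgid(), egid = getegid();

    if (ruid == euid && rgid == egid)
        return 0;               /* not running set-id: nothing to drop */

    /* Group first: once the uid is unprivileged, changing the gid may be refused. */
#if defined(__linux__) || defined(__FreeBSD__)
    if (setresgid(rgid, rgid, rgid) != 0 || setresuid(ruid, ruid, ruid) != 0)
        return -1;
#else
    /* Assumption: portable fallback; the checks below catch a non-permanent drop. */
    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
#endif

    /* Verify: the old effective IDs must no longer be reachable. A real uid
     * of 0 can always switch IDs, so the regain test is meaningless there. */
    if (ruid != 0) {
        if (euid != ruid && seteuid(euid) == 0)
            return -1;          /* saved uid still privileged: drop was temporary */
        if (egid != rgid && setegid(egid) == 0)
            return -1;
    }
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    return 0;
}

/* Run a shell command with privilege dropped in the child, instead of calling
 * system(3) from a set-id process and leaving the outcome to the shell.
 * Returns the command's exit status, or -1 on error. */
int run_unprivileged(const char *cmd)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_privileges_permanently() != 0)
            _exit(127);         /* refuse to run anything still privileged */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char ids[64];
    format_ids(ids, sizeof ids);
    printf("parent: %s\n", ids);
    int rc = run_unprivileged("id");   /* the same command the thread's nonsuid.sh runs */
    printf("child exit status: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Installed set-uid to nobody as in the thread's test, the parent line shows the raised EID while the child's "id" output shows only the real uid on every system, regardless of which shell /bin/sh is; a child that could not drop privilege exits with 127 rather than running the command.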