Subject: SetUID stuff
To: None <netbsd-help@NetBSD.ORG>
From: Rick Byers <rickb@iaw.on.ca>
List: netbsd-help
Date: 07/04/1996 14:00:25
I don't fully understand all of the setuid functions.  I'd like to be able
to set the real userid of a process without having root access (so customers
can have the proper Sender: line in their e-mail from CGI programs).  There
seems to be some discrepancy in the man pages.

Basically, I have no trouble setting the effective uid (setuid bit on the
file), but it seems the only way I can change the real user id is if the
effective uid is root.  Is this there for security reasons?  The setruid man
page states:

>  If the user is not the super user, or the uid (gid) specified is not the
>     real or effective ID of the process, these functions return -1.

I know setruid (and setreuid) are deprecated, but according to the man page
it should work, because the uid specified is the effective of the process.
Here is the line that always fails unless it's running as root:

setruid(geteuid());

According to the man page, setreuid should work as well, but it doesn't.
The man page does say that setuid WON'T work in this scenario either.

Right now I'm using a root wrapper that does the work, but I'd rather not
have to do that (I don't see why it's necessary).

Thanks,
        Rick
=========================================================================
Rick Byers                                      Internet Access Worldwide
rickb@iaw.on.ca                                System Admin, Tech Support
Welland, Ontario, Canada                                    (905)714-1400
http://www.iaw.on.ca/rickb/                         http://www.iaw.on.ca/
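
Added example, not part of the original message: a small C diagnostic for the call discussed above. It uses setreuid() (named in the post) instead of setruid(), records the real and effective uids before and after, and counts the change as done only when getuid() confirms it. The struct and function names are hypothetical, and whether the call succeeds for an unprivileged set-uid program depends on the rules of the system it runs on.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* exposes setreuid() under strict -std modes */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical record of one attempt; the names are illustrative only. */
struct uid_attempt {
    uid_t ruid_before, euid_before;
    uid_t ruid_after, euid_after;
    int rc;        /* return value of setreuid() */
    int err;       /* errno captured right after a failed call, else 0 */
    int verified;  /* 1 only if the real uid now equals the old effective uid */
};

/* Try to make the real uid equal to the effective uid while leaving the
 * effective uid alone ((uid_t)-1 means "do not change this id"). */
struct uid_attempt set_real_to_effective(void)
{
    struct uid_attempt a;
    a.ruid_before = getuid();
    a.euid_before = geteuid();
    errno = 0;
    a.rc = setreuid(a.euid_before, (uid_t)-1);
    a.err = (a.rc == 0) ? 0 : errno;
    a.ruid_after = getuid();
    a.euid_after = geteuid();
    /* Do not rely on the return value alone: re-read the ids and compare. */
    a.verified = (a.rc == 0 && a.ruid_after == a.euid_before
                  && a.euid_after == a.euid_before);
    return a;
}

int main(void)
{
    struct uid_attempt a = set_real_to_effective();
    printf("before: ruid=%ld euid=%ld\n",
           (long)a.ruid_before, (long)a.euid_before);
    printf("setreuid(euid, -1) = %d (%s)\n",
           a.rc, a.rc ? strerror(a.err) : "ok");
    printf("after:  ruid=%ld euid=%ld\n",
           (long)a.ruid_after, (long)a.euid_after);
    return a.verified ? 0 : 1;   /* non-zero exit: the real uid was not changed */
}
```

Run from a shell where the real and effective uids already match, the call has nothing to change; the interesting output comes from running it as a set-uid binary owned by another account.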