Subject: Re: chroot(2)
To: None <tech-kern@netbsd.org>
From: Greg A. Woods <woods@most.weird.com>
List: tech-kern
Date: 10/02/1998 21:03:29
[ On Fri, October 2, 1998 at 09:11:32 (-0700), Eduardo E. Horvath wrote: ]
> Subject: Re: chroot(2)
>
> OTOH, these changes will prevent the OS from virtualizing itself since
> the root -> user -> root transition would be disallowed. Is reacquiring
> root privilege safe under the present scheme?
Allowing a setuid-root process to reacquire its effective ID after
becoming someone else is *never* "safe". Period. End of discussion. It
breaks the basic tenet of Unix super-user and setuid design: the only
way a process can (re)gain privilege is to exec a setuid binary.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
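
The check a privilege-dropping program can make for the property discussed above, as an added example that is not part of the original message or of NetBSD's code: after the drop, every attempt to take the old effective ID back without an exec must fail. It uses only POSIX setuid(2)/seteuid(2); the names `drop_uid_permanently` and `demo_permanent_drop` and the target UID 65534 are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently become `uid`, then prove that no privileged ID can be
 * reacquired. Returns 0 only if the drop is irreversible. UID only: real
 * code drops supplementary groups and GIDs first, while it still can. */
static int drop_uid_permanently(uid_t uid)
{
    uid_t old_euid = geteuid();

    /* With euid 0, setuid() sets real, effective and saved IDs together. */
    if (setuid(uid) != 0)
        return -1;
    if (getuid() != uid || geteuid() != uid)
        return -1;
    /* Probe the saved ID: fail closed if the old effective ID or root
     * can be taken back without an exec. */
    if (old_euid != uid && seteuid(old_euid) == 0)
        return -1;
    if (uid != 0 && (seteuid(0) == 0 || setuid(0) == 0))
        return -1;
    return 0;
}

/* Run the drop in a child so the caller keeps its own IDs.
 * Returns 0 when the child confirmed the drop was permanent. */
int demo_permanent_drop(void)
{
    /* Constructed target: UID 65534 when started as root, else our own UID. */
    uid_t target = (geteuid() == 0) ? 65534 : getuid();
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(drop_uid_permanently(target) == 0 ? 0 : 1);
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : 1;
}

int main(void)
{
    printf("permanent drop %s\n",
           demo_permanent_drop() == 0 ? "verified" : "FAILED");
    return 0;
}
```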