matthew green wrote:
>    Someone had said that there was an example of why seteuid() won't
>    work, but so far haven't forwarded those examples to me.
> 
> 
> OK, the reason here is that with setreuid(), the user can have set
> either of these to any of the possible values available.  the policy

But this doesn't matter in this context, right ? The real user has
no control about how the suid binary calls setuid()/seteuid(). If the
binary ends up with both effective and real uid the more privileged
one, the program has security problem on it's own.

If (getuid() == geteuid()), yuu could safely assume it's the less
privileged one, AFAICS.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>      http://www.ics.muni.cz/~dolecek/
@@@@  Wanna a real operating system ? Go and get NetBSD, damn!  @@@@