[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: setuid()

Hi Chetan,
   May be i am wrong but ne way here is what i feel about your query.
You may have some programs developed in certain environment and ned to ship
to your client. But at the clients place the hierarchy of the file system
 directory structure )
etc may be different and may not be according to the need of your program.
To create certain folders in certain directories you may need super user
rights and for that
you may use setuid(0) ( set the rights of the current program to super user
rights )
and it may work out well.
Another way to look at this example is to have a hacker set this program
and get it uploaded into your machine somehow and run this program with
superuser rights...
Well there are ways possible to retain the uid and euid of the program and
cause destruction to
your system.
- Mahesh

----- Original Message -----
From: Chetan Gopal Kashinath <chetuk@xxxxxxx>
To: LIP <linux-india-programmers@xxxxxxxxxxxxxxxxxxxxx>
Sent: Monday, July 10, 2000 11:42 PM
Subject: [LIP] setuid()

> hi,
>     will somebody please give me a small code demonstrating the use of
> setuid(). i went through the man pages but could not understand anything.
> seems to do something abt bypassing the permissions of a file for a
> time.
>     a small code segment ( need not be working ) which will explain what
> is meant for and how it is to be used will be a LOT of help.
> thank you
> - chetu

 |                                               |
 |         Mahesh V                      |
 |     LTITL Bangalore               |
 |_______________________ |
                 o00O   O00o