> > Could you elaborate why? I cannot see much of a difference in these > > when it comes to the topic at hand. Doesn't set[ug]id set all ids > > to > > the given one? > > No, it only sets one of the three (real, effective and saved) uid/gid > to the given one; setres[ug]id() is the one that sets them all.
Actually I think that's only correct if you're running under a non-root uid. If your effective uid is 0 all uids will be set to the given value and thus there is no way back for the application to be root again. As I understand it, this is the POSIX way. Anyway, I'm going to prepare a patch. Thanks, Michael -- Michael Meskes Michael at Fam-Meskes dot De Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org
