"Pigeon" == jah pigeon <Pigeon> writes:
>> Better still, use sudo and you will not have to do any C
>> programming :-)
Pigeon> Even for your set real u/gid trick? - given that there's
Pigeon> no setgid(1), and setuid(1) doesn't let you set the gid as
Pigeon> well? And it can manage that without being a security
Pigeon> hole? That's pretty neat.
Yes, sudo should work. That is because sudo actually runs the program
as root, not with the effective user id of root.
You might find it instructive to modify your little C program to run
"/usr/bin/id" instead of exim and see what it prints out with
different combinations of setuid/setgid file permissons and sudo.
You did mean setuid(2) up there, right? There is a setgid(2) call. I
have not heard that sudo is inherently insecure in any specific way
(but I'm not a long time sudo user).
Cheers!
Shyamal
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
