Aucbvax.4466 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Thu Oct 15 22:50:44 1981 Re: double setuid programs >From Lepreau@UTAH-20 Thu Oct 15 21:06:16 1981 I think that a more elegant solution, which would also have other benefits, would be the addition of the system calls xchuid() and xchgid()-- exchange real and effective id's. Eric Scott proposed this some time ago as a means of "temporarily disabling ones privileges," and would also solve your mkdir problem. Looked at slightly differently, it might also be useful by setuid programs which wanted to only "temporarily ENABLE their privileges." Thus programs which currently could never be made setuid because of security holes, could be more safely made setuid by only "enabling" themselves in limited sections of code. Jay Lepreau ------- ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.