Re: Daemon IDs and groups aka setuid setgid vs $< $> $( $)

I haven't looked closely at your code, but are you aware that it is usually necessary to change GID before UID? Once you've changed UID, you no longer have appropriate permissions to change GID. I should imagine that similar restrictions apply to effective vs real, but I can't remember off the top of my head.

Dave.

Comment on Re: Daemon IDs and groups aka setuid setgid vs $< $> $( $)

Replies are listed 'Best First'.
Re^2: Daemon IDs and groups aka setuid setgid vs $< $> $( $) by furrypop (Novice) on May 19, 2005 at 08:01 UTC
Dave, Many thanks for the reply. No, I wasn't aware about the necessity to change group before ID. That's fixed it. I still note, however, that `setuid` and `setgid` do not affect the effective ID. This is despite what the documentation says (just over halfway down). I've adjusted the script to only send `setgid` a single number as opposed to a space-separated list, but there's still no effect to the effective. I'm certain it's down to my understanding. I would rather use the POSIX calls than the special variables, so if anyone has any more comments, I'd welcome them. J.	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^2: Daemon IDs and groups aka setuid setgid vs $< $> $( $)
by furrypop (Novice) on May 19, 2005 at 08:01 UTC

Many thanks for the reply.

No, I wasn't aware about the necessity to change group before ID. That's fixed it.

I still note, however, that setuid and setgid do not affect the effective ID. This is despite what the documentation says (just over halfway down). I've adjusted the script to only send setgid a single number as opposed to a space-separated list, but there's still no effect to the effective.

I'm certain it's down to my understanding. I would rather use the POSIX calls than the special variables, so if anyone has any more comments, I'd welcome them.

[reply]
[d/l]
[select]