Re: setuid(geteuid());?

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > so it seems to make sure the real/saved uid matches the effective uid. 
> > Now, considering we don't use uid/euid distinction for anything, I agree
> > it is useless and should be removed.
> 
> No, it is NOT useless and must NOT be removed.  The point of this little
> machination is to be dead certain that we have given up root rights if
> executed as setuid postgres.  The scenario we're concerned about is
> where real uid = root and effective uid = postgres.  We want real uid
> to become postgres as well --- otherwise our test to prevent execution
> as root is a waste of time, because nefarious code could become root
> again just by doing setuid.  See the setuid man page: if real uid is
> root then setuid(root) will succeed.

I understand, but how do we get suid execution.  Does someone have to
set the seuid bit on the executable?

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026