site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com On 4 Jan 2006, at 11:31 AM, Terry Lambert wrote: something like: main() { // relinquish suid until it is required seteuid(getuid()); ... // this bit of code requires suid seteuid(0); ... // no longer needed revert back to real uid seteuid(getuid()); } -- Rohan Lloyd _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... To answer your original question, though, the security guys generally frown on SUID/SGID anything, even if it's an ordinary user the thing impersonates. I agree with the above. But if you *do* find yourself using suid/ sgid, make sure you don't run the whole process as root. You should use seteuid() to toggle between the real uid and the setuid. Typically the very first thing you should do is revert back to the real uid. Then call seteuid() when you need root permission, and revert back immediately afterwards. This email sent to site_archiver@lists.apple.com