Porting to SVR3 system without seteuid() etc...

Mackinlay, Patrick pmackinlay at hatch.com.au
Wed Feb 28 06:37:08 GMT 2001


> That's UGLY - no seteuid.  I've worked with an os with a similar problem,
> and basically I had to write a define for seteuid, so that it just maps to

> setuid.
> 
> #define seteuid(x) setuid(x)
> 
> and #ifdef'ed it for that os in the includes.h file.
> 
>   If you don't care about security, this will work, but it's not 
> pretty....  I'm ASSUMING that CLIX at least has a setuid function???
> Don

Can someone fill me in on what the likely security holes are? Presumably,
Samba uses this to "impersonate" the connected user to achieve the right
file security checking? What will doing this muck up?

Regards,
Pat Mackinlay
Hatch Kaiser

EOM

NOTICE - This message is the property of HATCH.  It may also be confidential
and/or privileged.  If you are not the intended recipient of this message
you are hereby notified that you must not disseminate, copy or take any
action with respect to it.  If you have received this message in error
please notify HATCH immediately via e-mail to : mailadmin at hatch.com.au




More information about the samba-technical mailing list