Re: [exim] static code analyze for exim-4.72

Góra strony
Delete this message
Reply to this message
Autor: Ted Cooper
Data:  
Dla: exim-users
Temat: Re: [exim] static code analyze for exim-4.72
On 20/11/10 00:31, Nigel Metheringham wrote:
> The last 2 (setuid/setgid return checking) should be dealt with,
> as long as there aren't ancient Unix variants which return void.


That was the case of impossible failure. They're contained in an if
statement that checks to see if it's running as root before being
called. Both values used are returned from functions that don't fail
either.

####

real_uid = getuid();
real_gid = getgid();

if (real_uid == root_uid)
{
setgid(real_gid); /* root cannot fail at this */
setuid(real_uid); /* or this */
}

####

setuid ERRORS
       EAGAIN The uid does not match the current uid and uid brings
process over its RLIMIT_NPROC resource limit.


       EPERM  The  user  is not privileged (Linux: does not have the
CAP_SETUID capability) and uid does not match the real UID or saved set-
              user-ID of the calling process.


Or can it fail? If root ran the program when it was setuid to some other
user with too many processes already?