[LightDM] Problem with LightDM on Solaris build
Brian Cameron
brian.cameron at oracle.com
Tue Nov 29 10:47:04 PST 2011
Raimund:
Solaris does have setreuid/setregid. I believe the only difference
between these and the setresuid/setresgid variants is that the
later also sets the "saved user/group" value. If setreuid/setregid
is sufficient, a solution might also be to use these.
Brian
On 11/29/11 11:50 AM, Raimund Steger wrote:
> Hi,
>
> On 2011-11-29 18:07, Guido Berhoerster wrote:
>> [...]
>>>
>>> Is the use of these functions necessary? Would it make sense to #ifdef
>>> the code so it can also build and work on Solaris? Any advice about how
>>> to make this code more portable would be appreciated.
>>
>> privileges_drop() is being called from the lightdm daemon running
>> with root privileges, so manipulating real and effective uid/gid
>> without side effects on the saved uid is possible via procfs, ie.
>> /proc/<pid>/ctl. Restoring them later in privileges_reclaim
>> should be possible by first calling setuid() for setting the
>> effective to the saved and then setreuid() for setting the real
>> to the effective uid (and analoguosly calling setgid()/setregid()
>> for restoring the effective/real gid).
>
> I wonder, is it even necessary in this situation to set the real user ID?
>
> Wouldn't setegid()/seteuid() (first to the user's, then back to 0)
> suffice for filesystem operations?
>
> -Raimund
>
More information about the LightDM
mailing list