diff options
| author | Garry T. Williams <garry@zvolve.com> | 2000-09-04 08:09:44 -0400 |
|---|---|---|
| committer | Jarkko Hietaniemi <jhi@iki.fi> | 2000-11-01 20:56:34 +0000 |
| commit | a043a68546f5b73797216edaeee5d9ddb364c19a (patch) | |
| tree | 1adac73aaa089abb5b9dffc4afb47c6994909b03 /pod | |
| parent | e093bcf0cf7ac8078690b5226007992e026a34d0 (diff) | |
| download | perl-a043a68546f5b73797216edaeee5d9ddb364c19a.tar.gz | |
Make the POSIX::setuid and POSIX::setgid to really call setuid()
and setgid() because they were just changing $< and $( which means
only changing the real uid/gid, as opposed to changing both
real and effective ids. (The alternative way could have been
in POSIX.pm to change $> and $), too, but making a direct call
to the C API feels cleaner.) Fixes the bug
Subject: [ID 20000904.005] POSIX::setuid() Doesn't Call setuid()
Message-Id: <200009041609.e84G9iN12155@ifr.inside.zvolve.net>
p4raw-id: //depot/perl@7521
Diffstat (limited to 'pod')
| -rw-r--r-- | pod/perlvar.pod | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/pod/perlvar.pod b/pod/perlvar.pod index 83f4d9cd9e..49cdcb273e 100644 --- a/pod/perlvar.pod +++ b/pod/perlvar.pod @@ -619,7 +619,8 @@ across fork() calls. (Mnemonic: same as shells.) =item $< The real uid of this process. (Mnemonic: it's the uid you came I<from>, -if you're running setuid.) +if you're running setuid.) You can change both the real uid and +the effective uid at the same time by using POSIX::setuid(). =item $EFFECTIVE_USER_ID @@ -632,6 +633,9 @@ The effective uid of this process. Example: $< = $>; # set real to effective uid ($<,$>) = ($>,$<); # swap real and effective uid +You can change both the effective uid and the real uid at the same +time by using POSIX::setuid(). + (Mnemonic: it's the uid you went I<to>, if you're running setuid.) C<< $< >> and C<< $> >> can be swapped only on machines supporting setreuid(). @@ -652,6 +656,9 @@ However, a value assigned to C<$(> must be a single number used to set the real gid. So the value given by C<$(> should I<not> be assigned back to C<$(> without being forced numeric, such as by adding zero. +You can change both the real gid and the effective gid at the same +time by using POSIX::setgid(). + (Mnemonic: parentheses are used to I<group> things. The real gid is the group you I<left>, if you're running setgid.) @@ -674,6 +681,9 @@ empty list for setgroups(), just repeat the new effective gid; that is, to force an effective gid of 5 and an effectively empty setgroups() list, say C< $) = "5 5" >. +You can change both the effective gid and the real gid at the same +time by using POSIX::setgid() (use only a single numeric argument). + (Mnemonic: parentheses are used to I<group> things. The effective gid is the group that's I<right> for you, if you're running setgid.) |