If you’ve ever written a setuid
program and thought about the security
implications, you’ll know that it is a messy job to get straight. I’ve been
reading a very interesting article by Tsafir, da Silva and Wagner called
The Murky Issue of Changing Process Identity: revising “setuid de-mystified”
in the March 2009 UKUUG newsletter. The authors unravel the non-portable
mess that set*id
functions are, and present a layer of abstraction to
help us mortals to get to grips with the issues. Source code is available
as well as the article itself.