Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Nope, that's exactly how setuid works. You're setting the [s]pecial bit on a binary to tell the system to always run it as the provided [u]ser


Nope, setuid programs have an effective UID as the owner (often root), but also have the real user ID of the original user. Programs intended for setuid operation pay attention to this; it is very important. They can use to to perform certain operations under privilege and then permanently drop to the original user.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: