[OpenIndiana-discuss] Solaris privileges and seteuid()

Gordon Ross gordon.w.ross at gmail.com
Mon Aug 20 22:18:22 UTC 2012


On Fri, Aug 17, 2012 at 5:44 AM, Frank Lahm <franklahm at gmail.com> wrote:
> 2012/8/17 James Relph <james at themacplace.co.uk>:
[...]
>>
>> Thanks very much for that confirmation, really doesn't seem obvious in a lot of the documentation!  I don't have a system handy to test today (will do over the weekend) but I'll try and get a better idea of how that works over the weekend (in particular after a reboot, what UID/GID will a file/folder show (ie. with ls) until the same user logs in again and the new ephemeral mapping is created?).
>
> ephemeral ids break setuid/seteuid because they are not static on a
> _running_ system. They may change anytime. Thus any POSIX compliant
> application relying on these functions for privileges can not use
> them.

Really?  Where is your evidence?  I don't think I've ever seen one
change except after a reboot.


-- 
Gordon Ross <gwr at nexenta.com>
Nexenta Systems, Inc.  www.nexenta.com
Enterprise class storage for everyone



More information about the OpenIndiana-discuss mailing list