Both setegid and seteuid were implemented suboptimally, such that

we were unable to switch back to the original saved group/user ID.
 -Erik

diff --git a/libc/sysdeps/linux/common/setegid.c b/libc/sysdeps/linux/common/setegid.c
index 90928c2..100a345 100644 (file)
--- a/libc/sysdeps/linux/common/setegid.c
+++ b/libc/sysdeps/linux/common/setegid.c
@@ -1,8 +1,28 @@
-#include <stdlib.h>
+#define _GNU_SOURCE
 #include <unistd.h>
+#include <stdio.h>
+#include <errno.h>
+#include <grp.h>
 #include <sys/types.h>
+#include <sys/syscall.h>
 
 int setegid(gid_t gid)
 {
-       return setregid(-1, gid);
+    int result;
+
+    if (gid == (gid_t) ~0)
+    {
+       __set_errno (EINVAL);
+       return -1;
+    }
+
+#ifdef __NR_setresgid
+    result = setresgid(-1, gid, -1);
+    if (result == -1 && errno == ENOSYS)
+       /* Will also set the saved group ID if egid != gid,
+        * making it impossible to switch back...*/
+#endif
+       result = setregid(-1, gid);
+
+    return result;
 }

diff --git a/libc/sysdeps/linux/common/seteuid.c b/libc/sysdeps/linux/common/seteuid.c
index fbf6090..e970e07 100644 (file)
--- a/libc/sysdeps/linux/common/seteuid.c
+++ b/libc/sysdeps/linux/common/seteuid.c
@@ -1,9 +1,28 @@
+#define _GNU_SOURCE
 #include <unistd.h>
 #include <stdio.h>
 #include <errno.h>
+#include <pwd.h>
 #include <sys/types.h>
+#include <sys/syscall.h>
 
 int seteuid(uid_t uid)
 {
-    return setreuid(-1, uid);
+    int result;
+
+    if (uid == (uid_t) ~0)
+    {
+       __set_errno (EINVAL);
+       return -1;
+    }
+
+#ifdef __NR_setresuid
+    result = setresuid(-1, uid, -1);
+    if (result == -1 && errno == ENOSYS)
+       /* Will also set the saved user ID if euid != uid,
+        * making it impossible to switch back...*/
+#endif
+       result = setreuid(-1, uid);
+
+    return result;
 }