In message: <email@example.com>
Dag-Erling Smrgrav <firstname.lastname@example.org> writes:
: Attilio Rao <email@example.com> writes:
: > Dag-Erling Smrgrav <firstname.lastname@example.org> writes:
: > > Perhaps the test in setusercontext() should be changed to use
: > > geteuid() instead of getuid().
: > Yes, I think that it probabilly makes more sense (geteuid() testing in
: > setusercontext()).
: What if the user's ~/.login_conf sets a custom PATH, and the application
: switches back to root privs and fork()-exec()s some other program?
And we're back to the reason for why issetugid() :)