Daemon impotent after dropping privileges with setuid()
I have a peculiar problem with a daemon. Some of the tasks that the daemon
needs to accomplish should be done with reduced privileges, particularly
if they are complex or depend on user input. So the daemon forks a child
process, which setuid's to some lesser user.
Unfortunately, as soon as the daemon setuid(some_other_userid), it can
no longer write files. Not into the home directory of some_other_userid,
not into /tmp, ... I haven't found anywhere that the daemon can write
without receiving a "permission denied" error.
The files didn't exist before the daemon action. Permissions to /tmp
are 777+t. Doing a getuid(), geteuid() show that the permissions were
set properly in the daemon's child process.
The same user can write files into these same directories without error
from the console or from a plain 'C' program. The daemon's child
(before setuid) also succeeds at writing files. 'strace -f' doesn't
show any problem until the open() call results in the permission denied
error.
This is on a 'squeeze' system, 64 bit i7 860 that otherwise seems to run
properly.
Anyone have any hints? Suggestions for diagnosing things? Would be
appreciated!!
-f
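
An added example, not part of the original post: a C helper for checking a forked child's privilege drop. It sets the supplementary groups and gid before the uid (setuid() alone leaves both as inherited from the daemon), confirms the ids with the same getuid()/geteuid() calls the post mentions, and reports the errno from a test file creation. The function names and the uid/gid/dir command-line arguments are assumptions of this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes setgroups() in <grp.h> */
#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Groups first, uid last: after setuid() the process can no longer change them. */
int drop_to(uid_t uid, gid_t gid)
{
    if (setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    return setuid(uid);
}

/* Returns 1 when real and effective uid/gid all equal the target ids. */
int creds_match(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* Creates and removes a scratch file in dir; returns 0 or the errno seen. */
int probe_write(const char *dir)
{
    char path[4096];
    int n = snprintf(path, sizeof path, "%s/probe.%ld", dir, (long)getpid());
    if (n < 0 || (size_t)n >= sizeof path) return ENAMETOOLONG;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return errno;
    close(fd);
    unlink(path);
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 4) { fprintf(stderr, "usage: %s uid gid dir\n", argv[0]); return 2; }
    uid_t uid = (uid_t)strtoul(argv[1], NULL, 10);
    gid_t gid = (gid_t)strtoul(argv[2], NULL, 10);
    if (drop_to(uid, gid) != 0 || !creds_match(uid, gid)) { fprintf(stderr, "drop failed\n"); return 1; }
    int err = probe_write(argv[3]);
    printf("uid=%ld gid=%ld dir=%s write=%s\n", (long)getuid(), (long)getgid(), argv[3], err ? strerror(err) : "ok");
    return err != 0;
}
```

Run it as root with the target user's numeric uid and gid and a directory such as /tmp; the last field shows the error text from the failed open(), or "ok".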