Advanced Programming in the UNIX® Environment

ptg10805159

260 Process Control Chapter 8

seteuidto set its effective user ID to our user ID. This prevents any accidental

misuse of privilege. At this point, we have

real user ID = our user ID (unchanged)

effective user ID = our user ID

saved set-user-ID =root(unchanged)

5. The daemon starts out running withrootprivileges. Torun commands on our
   behalf, the daemon callsforkand the child callssetuidto change its user ID
   to our user ID. Because the child is running withrootprivileges, this changes
   all of the IDs.We have
   real user ID = our user ID
   effective user ID = our user ID
   saved set-user-ID = our user ID
   Now the daemon can safely execute commands on our behalf, because it can
   access only the files to which we normally have access. We have no additional
   permissions.
   By using the saved set-user-ID in this fashion, we can use the extra privileges granted to
   us by the set-user-ID of the program file only when we need elevated privileges. Any
   other time, however,the process runs with our normal permissions. If we weren’t able
   to switch back to the saved set-user-ID at the end, we might be tempted to retain the
   extra permissions the whole time we wererunning (which is asking for trouble).

8.12 Interpreter Files

All contemporary UNIX systems support interpreter files. These files aretext files that

begin with a line of the form

#!pathname [ optional-argument ]

The space between the exclamation point and thepathnameis optional. The most

common of these interpreter files begin with the line

#!/bin/sh

Thepathname is normally an absolute pathname, since no special operations are

performed on it (i.e.,PATHis not used). The recognition of these files is done within the

kernel as part of processing theexecsystem call. The actual file that gets executed by

the kernel is not the interpreter file, but rather the file specified by thepathnameon the

first line of the interpreter file. Be sure to differentiate between the interpreter file—a

text file that begins with#!—and the interpreter,which is specified by thepathnameon

the first line of the interpreter file.

Be awarethat systems place a size limit on the first line of an interpreter file. This

limit includes the#!,thepathname,the optional argument, the terminating newline, and

any spaces.

On FreeBSD 8.0, this limit is 4,097 bytes. On Linux 3.2.0, the limit is 128 bytes. Mac OS X

10.6.8 supports a limit of 513 bytes, whereas Solaris 10 places the limit at 1,024 bytes.