issuhub.com

The Linux Programming Interface

(nextflipdebug5) #1 
Solutions to Selected Exercises 1427

Chapter 9


9-1. In considering the following, remember that changes to the effective user ID

always also change the file-system user ID.

a) real=2000, effective=2000, saved=2000, file-system=2000

b) real=1000, effective=2000, saved=2000, file-system=2000

c) real=1000, effective=2000, saved=0, file-system=2000

d) real=1000, effective=0, saved=0, file-system=2000

e) real=1000, effective=2000, saved=3000, file-system=2000

9-2. Strictly speaking, such a process is unprivileged, since its effective user ID is

nonzero. However, an unprivileged process can use the setuid(), setreuid(), seteuid(),

or setresuid() calls to set its effective user ID to the same value as its real user ID or

saved set-user-ID. Thus, this process could use one of these calls to regain privilege.

9-4. The following code shows the steps for each system call.

e = geteuid(); /* Save initial value of effective user ID */

setuid(getuid()); /* Suspend privileges */

setuid(e); /* Resume privileges */

/* Can't permanently drop the set-user-ID identity with setuid() */

seteuid(getuid()); /* Suspend privileges */

seteuid(e); /* Resume privileges */

/* Can't permanently drop the set-user-ID identity with seteuid() */

setreuid(-1, getuid()); /* Temporarily drop privileges */

setreuid(-1, e); /* Resume privileges */

setreuid(getuid(), getuid()); /* Permanently drop privileges */

setresuid(-1, getuid(), -1); /* Temporarily drop privileges */

setresuid(-1, e, -1); /* Resume privileges */

setresuid(getuid(), getuid(), getuid()); /* Permanently drop privileges */

9-5. With the exception of setuid(), the answers are the same as for the previous

exercise, except that we can substitute the value 0 for the variable e. For setuid(), the

following holds:

/* (a) Can't suspend and resume privileges with setuid() */

setuid(getuid()); /* (b) Permanently drop privileges */

Chapter 10


10-1. The maximum unsigned 32-bit integer value is 4,294,967,295. Divided by 100 clock

ticks per second, this corresponds to slightly more than 497 days. Divided by

1 million (CLOCKS_PER_SEC), this corresponds to 71 minutes and 35 seconds.
Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2025. All rights reserved.