setfsuid.2: Clarify historical details and note that setfsuid() is obsolete

Reported-by: Chen Gang <gang.chen@asianux.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-08-09 09:15:03 +02:00 · 2013-08-09 09:15:03 +02:00 · 18cc659761
parent 9e3859ed2b
commit 18cc659761
1 changed files with 18 additions and 3 deletions
--- a/man2/setfsuid.2
+++ b/man2/setfsuid.2
@ -84,9 +84,24 @@ it will return \-1 and set \fIerrno\fP to
 without attempting
 the system call.
 .LP
-Note that at the time this system call was introduced, a process
-could send a signal to a process with the same effective user ID.
-Today signal permission handling is slightly different.
+At the time when this system call was introduced, one process
+could send a signal to another process with the same effective user ID.
+This meant that if a privilged process changed its effective user ID
+for the purpose of file permission checking,
+then it could become vulnerable to receiving signals
+sent by another (unprivileged) process with the same user ID.
+The filesystem user ID attribute was thus added to allow a process to
+change its user ID for the purposes of file permission checking without
+at the same time becoming vulnerable to receiving unwanted signals.
+Since Linux 2.0, signal permission handling is different (see
+.BR kill (2)), 
+with the result that a process change can change its effective user ID
+without being vulnerable to receiving signals from unwanted processes.
+Thus,
+.BR setfsuid ()
+is nowadays unneeded and should be avoided in new applications
+(likewise for
+.BR setfsgid (2)).

 The original Linux
 .BR setfsuid ()