From 18cc6597618e8ad2ea6a133b212f3d2b9e436f19 Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Fri, 9 Aug 2013 09:15:03 +0200 Subject: [PATCH] setfsuid.2: Clarify historical details and note that setfsuid() is obsolete Reported-by: Chen Gang Signed-off-by: Michael Kerrisk --- man2/setfsuid.2 | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/man2/setfsuid.2 b/man2/setfsuid.2 index 404ccdceb..dbb9eb5e9 100644 --- a/man2/setfsuid.2 +++ b/man2/setfsuid.2 @@ -84,9 +84,24 @@ it will return \-1 and set \fIerrno\fP to without attempting the system call. .LP -Note that at the time this system call was introduced, a process -could send a signal to a process with the same effective user ID. -Today signal permission handling is slightly different. +At the time when this system call was introduced, one process +could send a signal to another process with the same effective user ID. +This meant that if a privilged process changed its effective user ID +for the purpose of file permission checking, +then it could become vulnerable to receiving signals +sent by another (unprivileged) process with the same user ID. +The filesystem user ID attribute was thus added to allow a process to +change its user ID for the purposes of file permission checking without +at the same time becoming vulnerable to receiving unwanted signals. +Since Linux 2.0, signal permission handling is different (see +.BR kill (2)), +with the result that a process change can change its effective user ID +without being vulnerable to receiving signals from unwanted processes. +Thus, +.BR setfsuid () +is nowadays unneeded and should be avoided in new applications +(likewise for +.BR setfsgid (2)). The original Linux .BR setfsuid ()