To
determine whether your system correctly supports this routine, compile and run the
program test/t_seteuid.c. The compiled binary must be suid-root and must be executed by
an ordinary user:
# cc t_seteuid.c
# chmod u+s a.out
# suspend
% ./a.out
... lots of output here
This system cannot use seteuid
Here the output shows failure, so you do not have seteuid(2) support. Beginning withV8.8,
a.out prints the following on success:
It is safe to define USESETEUID on this system
If the output had not shown failure or had shown success (if you had usable seteuid(2)
support), you could take advantage of that support by defining USESETEUID in sendmail/
conf.h (or include/sm/conf.h for V8.12 and above). In general, USESETEUID is correctly
defined for all systems that can take advantage of this seteuid support.
If seteuid(2) failed, you need to investigate using setreuid(2) instead:
# cc t_setreuid.c
# chmod u+s a.out
# suspend
% ./a.out
initial uids (should be 678/0): r/euid=678/0
after setreuid(0, 1) (should be 0/1): r/euid=0/1
after setreuid(-1, 0) (should be 0/0): r/euid=0/0
after setreuid(realuid, 0) (should be 678/0): r/euid=678/0
after setreuid(0, 2) (should be 0/2): r/euid=0/2
after setreuid(-1, 0) (should be 0/0): r/euid=0/0
after setreuid(realuid, 0) (should be 678/0): r/euid=678/0
It is safe to define HASSETREUID on this system
Here, the test succeeded (no failure message was printed prior to V8.
Pages:
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297