Page History

...

If the program is run with the setuid-0 flag, the state of the UID's over time might be:

Description	code Code	EUID	RUID	SSUID
program startup		0	user	0
temporary drop	`seteuid(getuid())`	user	user	0
restore	`seteuid(0)`	0	user	0
permanent drop	`setuid(getuid())`	user	user	user
restore (attacker)	`setuid(0)` (fails)	user	user	user

If, for some reason, the program fails to restore privileges, it will be unable to permanently drop them later:

Description	code Code	EUID	RUID
program startup		0	user
temporary drop	`seteuid(getuid())`	user	user
restore	`seteuid(0)`	user	user
permanent drop	`setuid(getuid())`	user	user
restore (attacker)	`setuid(0)`	0	0

...

Space shortcuts