On Fri, 8 Jan 1999, Thamer Al-Herbish wrote: > > Maybe getuid() is the "best" you can do, maybe not. A lot of the OS's > > these days have some sort of audit id which is sometimes less flexible > > than uid's when it comes to change. > > To be extra pedantic use getlogin() to double check. getlogin cannot > lie unless you are root and did a setlogin(). This is a joke, I assume. >From the Linux man page for getlogin(): BUGS Unfortunately, it is often rather easy to fool getlogin(). Sometimes it does not work at all, because some program messed up the utmp file. This is the traditional getlogin() behavior, IIRC. You might be correct if you are on a system where utmp is not world-writable and all the programs that modify it are properly secure. -- <kragenat_private> Kragen Sitaker <http://www.pobox.com/~kragen/> A good conversation and even lengthy and heated conversations are probably some of the most important pointful things I can think of. They are the antithesis of pointlessness! -- Matt O'Connor <matthew@anti-earth.org>
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:24 PDT