Re: [nmh-workers] I Could Have Sworn that the inc Command used to work.

[Ralph Corderoy]

Hi Ken,

> > I notice that a setuid inc(1) has various troubles due to the use of
> > real user ID rather than effective.
>
> Like ... what?

It's simple to copy inc and make it setuid to another user and then run
it.

    $ ./inc
    ========================================================================
    Welcome to nmh version 1.7+dev

    See the release notes in /usr/share/doc/nmh/NEWS

    Send bug reports, questions, suggestions, and patches to
    address@hidden.  That mailing list is relatively quiet, so user
    questions are encouraged.  Users are also encouraged to subscribe, and
    view the archives, at https://lists.gnu.org/mailman/listinfo/nmh-workers

    This message will not be repeated until nmh is next updated.
    ========================================================================

    Press enter to continue: 

    inc: error on folder /home/ralph/mail/inbox: Permission denied
    $ 

So it's trying to access my inbox rather than the other user's.  Also,
both the other user and I have already acknowledged the 1.7+dev welcome
message, yet it is shown again.  I expect other problems would come to
light if I persisted.

> I would have though using the real UID would have been the correct
> answer.

I have permission to access the effective user's files, and not the real
user's, then shouldn't those be the ones I'm attempting to access?

> Also, I didn't even think we supported that

This is Unix and setuid and setgid is normal.  Unless we explicitly rule
it out in some cases, it's ruled in.  :-)

-- 
Cheers, Ralph.