From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.2.1) Gecko/20030225

Description of problem:
The setegid call sets the saved gid even though it should not. SUS says only effective gid should be set. I looked at glibc source and it is calling __setresgid(-1, euid,-1);

Version-Release number of selected component (if applicable):
kernel-2.4.20-13.9

How reproducible:
Always

Steps to Reproduce:
1. Compile and run the following program:

    #define _GNU_SOURCE   /* for getresgid() */
    #include <stdio.h>
    #include <unistd.h>
    #include <sys/types.h>
    #include <pwd.h>

    int main(void)
    {
        struct passwd *nobody;
        gid_t cur_rgid, cur_egid, cur_sgid;
        gid_t orig_rgid, orig_egid, orig_sgid;

        if (geteuid() != 0) {
            puts("Must be super/root for this test!");
            return 1;
        }

        /* Look up the gid of the unprivileged "nobody" account. */
        nobody = getpwnam("nobody");
        if (nobody == NULL) {
            puts("No \"nobody\" account found");
            return 1;
        }

        /* Record real, effective and saved gid before the call. */
        getresgid(&orig_rgid, &orig_egid, &orig_sgid);
        printf("getresgid reports rgid %d, egid %d, sgid %d\n",
               (int)orig_rgid, (int)orig_egid, (int)orig_sgid);

        /* Change only the effective gid. */
        if (setegid(nobody->pw_gid) != 0) {
            perror("setegid");
            return 1;
        }

        getresgid(&cur_rgid, &cur_egid, &cur_sgid);
        printf("getresgid reports rgid %d, egid %d, sgid %d\n",
               (int)cur_rgid, (int)cur_egid, (int)cur_sgid);

        /* The saved gid must be untouched by setegid(). */
        if (orig_sgid != cur_sgid) {
            puts("setegid() changed the saved set-gid");
            return 1;
        }
        return 0;
    }

Actual Results:
getresgid reports rgid 0, egid 0, sgid 0
getresgid reports rgid 0, egid 99, sgid 99
setegid() changed the saved set-gid

Expected Results:
getresgid reports rgid 0, egid 0, sgid 0
getresgid reports rgid 0, egid 99, sgid 0

Additional info:

Try the RHL9 errata. Test code at ftp://people.redhat.com/jakub/glibc/errata/2.3.2-27.9.4/
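
A check a caller can wrap around setegid() to catch the behaviour reported above, as an added example that is not part of the original report or of glibc: it snapshots the three gids with getresgid(), switches the effective gid, and fails if the saved gid moved. An unprivileged set-gid process can only set its effective gid to its current real, effective or saved gid, so a clobbered saved gid means the original group cannot be restored. The helper names checked_setegid and drop_and_restore_egid and the return codes are hypothetical.

```c
#define _GNU_SOURCE          /* getresgid() is a GNU extension */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Explicit prototype: keeps the example building even if an earlier
 * include already fixed the feature-test macros. */
int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);

/* Hypothetical return codes for the helpers below. */
enum { EGID_OK = 0, EGID_CALL_FAILED = -1,
       EGID_SAVED_CHANGED = -2, EGID_UNEXPECTED = -3 };

/* Hypothetical helper: change only the effective gid and verify that
 * the real and saved gids are exactly what they were before. */
int checked_setegid(gid_t target)
{
    gid_t r0, e0, s0, r1, e1, s1;

    if (getresgid(&r0, &e0, &s0) != 0)
        return EGID_CALL_FAILED;
    if (setegid(target) != 0)
        return EGID_CALL_FAILED;
    if (getresgid(&r1, &e1, &s1) != 0)
        return EGID_CALL_FAILED;

    if (s1 != s0)                    /* the behaviour in this report */
        return EGID_SAVED_CHANGED;
    if (r1 != r0 || e1 != target)    /* any other unexpected change */
        return EGID_UNEXPECTED;
    return EGID_OK;
}

/* Temporary drop to `target`, then restore the original effective gid.
 * Returns the first non-zero code so the caller can fail closed. */
int drop_and_restore_egid(gid_t target)
{
    gid_t privileged = getegid();
    int rc = checked_setegid(target);

    if (rc != EGID_OK)
        return rc;
    /* ... work that should run with the dropped gid goes here ... */
    return checked_setegid(privileged);
}

int main(void)
{
    /* Typical set-gid pattern: drop to the real gid, then come back. */
    int rc = drop_and_restore_egid(getgid());
    printf("drop/restore of egid returned %d (0 = only egid changed)\n", rc);
    return rc == EGID_OK ? 0 : 1;
}
```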