I notice that a setuid inc(1) has various troubles due to the use of
real user ID rather than effective.
Like ... what?
It's simple to copy inc and make it setuid to another user and then run
Welcome to nmh version 1.7+dev
See the release notes in /usr/share/doc/nmh/NEWS
Send bug reports, questions, suggestions, and patches to
firstname.lastname@example.org. That mailing list is relatively quiet, so user
questions are encouraged. Users are also encouraged to subscribe, and
view the archives, at https://lists.gnu.org/mailman/listinfo/nmh-workers
This message will not be repeated until nmh is next updated.
Press enter to continue:
inc: error on folder /home/ralph/mail/inbox: Permission denied
So it's trying to access my inbox rather than the other user's. Also,
both the other user and I have already acknowledged the 1.7+dev welcome
message, yet it is shown again. I expect other problems would come to
light if I persisted.
I would have though using the real UID would have been the correct
I have permission to access the effective user's files, and not the real
user's, then shouldn't those be the ones I'm attempting to access?
Also, I didn't even think we supported that
This is Unix and setuid and setgid is normal. Unless we explicitly rule
it out in some cases, it's ruled in. :-)