Opinion on checking return value of setuid(getuid())?

[Eitan Adler]

On 1 October 2012 07:08, Konstantin Belousov <kostikbel at gmail.com> wrote:
> I do not believe in the dreadful 'flood ping' security breach. Is a
> local escalation possible with non-dropped root ?

It is clearly a local escalation: a non-root user can do something
which was intended only for root. It is a different question how
serious the breach is.



-- 
Eitan Adler