Hi,

I'm thinking of designing a software that may need to change the current user to a normal user if run as root. But from what i've read, you can still switch back to root if you were root in the first place (meaning, the real UID is 0). I'd like to make this impossible.
I think the solution is forking but i'd like you to confirm this.

My question is, does the real UID of the children is the effective UID of the parent at the time the fork is done?
My manual lists what's inherited from the parent but doesn't states this.

I'd like an answer about Linux kernel and about Unices in general (i'd like to make it at least POSIX-portable)

Many thanks

You can change Effective User ID, Real user ID and Saved Userd ID simultaneously using setuid() system call so it cannot switch back to root. (Only root is allowed). Check man setuid()

Oh okay.
Actually, i thought that in most implementations, setuid() was like seteuid() (which doesn't change the real uid) -- i read somewhere something like that, but i misunderstood i think.

After trying on my Linux system, it's right, you can't change back effective or real user to root after setuid() has been called with a non root user -- no need to fork