http://www.perlmonks.org?node_id=614493

0xbeef has asked for the wisdom of the Perl Monks concerning the following question:

Esteemed monks,

I have run into a peculiarity when using the $> variable to demote privileges in one of my programs, which can be simplified to:

    sub DropPriv {
        my ($uid, $groups) = @_;

        $) = $groups;   # set effective GID and supplementary groups first
        $> = $uid;      # then set the effective UID
        if ($> != $uid) {
            print STDERR "demotion to $uid failed, EUID=$>.\n";
            return 0;
        }
        return 1;
    }

This tested fine on my Linux system, the idea being that I would demote myself to nobody (uid 65534) before doing some system calls.

The same code unexpectedly failed on my AIX system with a resulting EUID=-2, which I'm now guessing to be related to an overflow problem since the only difference on AIX is that nobody's uid is 4294967294 by default. When I use a user with a lower uid it works fine.

The AIX system is running v5.8.0, but I got the same result on v5.8.8.

My workaround was to use the "sys" user (uid=3), but can anyone confirm this as an overflow issue with the built-in $> variable and perhaps an alternative solution?

Niel
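
Added example, not part of the original post or any reply: a variant of the check that compares IDs as unsigned 32-bit values, so a read-back of -2 matches a requested 4294967294 (the same 32-bit pattern) while a drop that left the process as root still fails closed. It assumes uid_t and gid_t are 32 bits wide and that the EUID=-2 in the question is that signed read-back; `drop_priv`, `id_u32` and `same_id` are hypothetical names.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumption: uid_t/gid_t are 32 bits wide. Mask an ID to its unsigned
# 32-bit value so that -2 and 4294967294 (same bit pattern) compare equal.
sub id_u32  { return $_[0] & 0xFFFFFFFF }
sub same_id { return id_u32($_[0]) == id_u32($_[1]) }

# Hypothetical replacement for DropPriv: demote effective GID/groups, then
# effective UID, and fail closed unless the values read back match.
# $groups uses the format $) expects: "egid gid1 gid2 ...".
sub drop_priv {
    my ($uid, $groups) = @_;
    my ($want_gid) = split ' ', $groups;

    $) = $groups;                    # groups first, while still privileged
    my ($egid) = split ' ', $);
    unless (same_id($egid, $want_gid)) {
        print STDERR "group demotion to $want_gid failed, EGID=$egid\n";
        return 0;
    }

    $> = $uid;                       # effective UID last
    unless (same_id($>, $uid)) {
        print STDERR "demotion to $uid failed, EUID=$>\n";
        return 0;
    }
    return 1;
}

# Constructed sample pairs: [value read back, value requested].
for my $pair ([-2, 4294967294], [65534, 65534], [0, 4294967294], [3, 65534]) {
    my ($got, $want) = @$pair;
    printf "read back %-10s requested %-10s => %s\n",
        $got, $want, same_id($got, $want) ? 'match' : 'MISMATCH';
}

# Attempt a real demotion only when run as root with "uid gid" arguments.
if ($> == 0 && @ARGV == 2) {
    my ($uid, $gid) = @ARGV;
    drop_priv($uid, "$gid $gid") or die "refusing to continue as root\n";
    print "now running with EUID=$>\n";
}
```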