From b08ad6083bec983d643e525a1229a44d6e68628f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 15 Apr 2011 12:30:08 -0400
Subject: [PATCH] Work around weird AIX saved uid semantics on setuid() and setreuid(). On AIX, setuid() will only set the saved uid if the euid is already 0.
---
 plugins/sudoers/set_perms.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c
index d3c3be088..e8b9f633f 100644
--- plugins/sudoers/set_perms.c
+++ b/plugins/sudoers/set_perms.c
@@ -535,6 +535,9 @@ restore_perms(void)
 * the ruid is ROOT_UID so call setuid() first.
 */
 if (OID(euid) == ROOT_UID) {
+ /* setuid() may not set the saved ID unless the euid is ROOT_UID */
+ if (ID(euid) != ROOT_UID)
+ (void)setreuid(-1, ROOT_UID);
 if (setuid(ROOT_UID)) {
 warning("setuid(%d)", ROOT_UID);
 goto bad;
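Review bot: The added `(void)setreuid(-1, ROOT_UID);` discards the return value, so a failed call is silent, and the `setuid(ROOT_UID)` check that follows cannot detect it. By the commit's own description, setuid() on AIX can succeed without setting the saved uid when the euid is not 0, so that check would pass with the saved uid left unchanged. Unless the failure is deliberately tolerated, handle it like the setuid() branch: `if (ID(euid) != ROOT_UID && setreuid(-1, ROOT_UID)) {` followed by `warning("setreuid(-1, %d)", ROOT_UID);` and `goto bad;`. If ignoring it is intended, the comment should say why, e.g. `/* failure is harmless here: setuid() below is checked */`, and confirm that this holds on AIX. The body of restore_perms() starts and ends outside this hunk, so the `bad:` cleanup path and any platform guard are not visible here.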