issetugid - is current executable running setuid or setgid
#include <unistd.h>
int
issetugid(void);
The issetugid() function returns 1 if the process was made setuid or setgid as the result of the last or other previous execve() system calls. Otherwise it returns 0.
This system call exists so that library routines (inside libtermlib, libc, or other libraries) can guarantee safe behavior when used inside setuid or setgid programs. Some library routines may be passed insufficient information and hence not know whether the current program was started setuid or setgid, because higher-level calling code may have made changes to the uid, euid, gid, or egid. Hence these low-level library routines are unable to determine if they are being run with elevated or normal privileges.
In particular, it is wise to use this call to determine if a pathname returned from a getenv() call may safely be used to open() the specified file. Quite often this is not wise because the status of the effective uid is not known.
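The check described above, as an added example that is not part of the original manual page: a library routine that honours an environment-supplied pathname only when the process was not started setuid or setgid. The names started_setugid(), choose_path(), open_db(), the EXAMPLE_DB variable and the file paths are hypothetical; on Linux builds the example substitutes getauxval(AT_SECURE) for issetugid() as an assumed nearest equivalent.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/auxv.h>   /* getauxval(AT_SECURE): stand-in used on Linux builds */
#endif

/* 1 if this image was started setuid/setgid, regardless of later setuid() calls. */
static int started_setugid(void)
{
#ifdef __linux__
    return getauxval(AT_SECURE) != 0;   /* assumption: nearest Linux equivalent */
#else
    return issetugid();
#endif
}

/* Pick the file to open. The environment is consulted only when untainted.
 * `tainted` is a parameter so both outcomes can be exercised in a test. */
const char *choose_path(const char *env_name, const char *default_path, int tainted)
{
    const char *p;

    if (tainted)
        return default_path;            /* never trust the caller's environment */
    p = getenv(env_name);
    return (p != NULL && *p != '\0') ? p : default_path;
}

/* Hypothetical library entry point: returns an fd, or -1 on failure. */
int open_db(const char *env_name, const char *default_path)
{
    return open(choose_path(env_name, default_path, started_setugid()), O_RDONLY);
}

int main(void)
{
    /* EXAMPLE_DB and the default path are constructed sample values. */
    printf("setugid=%d path=%s\n", started_setugid(),
           choose_path("EXAMPLE_DB", "/etc/example.db", started_setugid()));
    return 0;
}
```

Because the status is fixed at execve() time, the decision in choose_path() stays correct even if the calling program has since changed its uid or gid.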
The issetugid() system call's result is unaffected by calls to setuid(), setgid(), or other such calls. In case of a fork(), the child process inherits the same status.
The status of issetugid() is only affected by execve(). If a child process executes a new executable file, a new issetugid status will be determined. This status is based on the existing process's uid, euid, gid, and egid permissions and on the modes of the executable file. If the new executable file modes are setuid or setgid, or if the existing process is executing the new image with uid != euid or gid != egid, the new process will be considered issetugid.
The issetugid() function is always successful, and no return value is reserved to indicate an error.
execve(2), setegid(2), seteuid(2), setgid(2), setuid(2)
The issetugid() function call first appeared in OpenBSD 2.0.
OpenBSD 3.6 August 25, 1996