*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> starting_egid (3)              
Title
Content
Arch
Section
 

identity(3)

Contents


NAME    [Toc]    [Back]

       starting_luid,    starting_ruid,   starting_euid,   starting_rgid,
   starting_egid,   is_starting_luid,   is_starting_ruid,
  is_starting_euid,  is_starting_rgid,  is_starting_egid,
 set_auth_parameters, check_auth_parameters - Get
       or check user or group IDs (Enhanced Security)

SYNOPSIS    [Toc]    [Back]

       #include  <sys/types.h> #include <sys/security.h> #include
       <prot.h>

       uid_t starting_luid(
               void ); uid_t starting_ruid(
               void ); uid_t starting_euid(
               void ); uid_t starting_rgid(
               void ); uid_t starting_egid(
               void ); int is_starting_luid(
               uid_t uid ); int is_starting_ruid(
               uid_t uid ); int is_starting_euid(
               uid_t uid ); int is_starting_rgid(
               uid_t gid ); int is_starting_egid(
               uid_t gid ); void set_auth_parameters(
               int argc,
               char *argv[] ); void check_auth_parameters(
               void );

LIBRARY    [Toc]    [Back]

       Enhanced Security Library (libsecurity)

PARAMETERS    [Toc]    [Back]

       Specifies the process's user ID.  Specifies the  process's
       group ID.  Specifies the argument count.

DESCRIPTION    [Toc]    [Back]

       The  identity functions provide a way to recall the IDs of
       a process at the time the program started. They are useful
       when  interrogating  the invoking environment of a program
       after any setuid() or setgid() calls  have  been  made  so
       that the original environment can be captured.

       The starting_luid() function returns the login UID for the
       process. The login UID is the immutable stamp for the process
  and  accurately  denotes the account under which the
       session is being run, regardless  of  subsequent  setuid()
       calls.

       The  starting_ruid() function returns the real UID for the
       process as it was set in the  beginning  of  the  program.
       Similarly,  starting_euid()  returns  the  effective  UID,
       starting_rgid() returns the real GID, and  starting_egid()
       returns  the  effective GID. These IDs may not be the same
       as those returned by  getuid(),  geteuid(),  getgid(),  or
       getegid(),  respectively,  because  intervening  calls  to
       setuid() or setgid() can change them depending on the process's
 privileges.

       The  is_starting_luid()  function  returns a value of 1 if
       the argument is the same as the login UID at the time when
       set_auth_parameters() was invoked; otherwise, it returns a
       value of 0 (zero). Similarly, The is_starting_ruid() function
 returns 1 if the argument is the same as the real UID
       at the time when set_auth_parameters() was invoked, and  0
       otherwise.  The  is_starting_euid()  function returns 1 if
       the argument is the same as the effective UID at the  time
       when  set_auth_parameters()  was invoked, and 0 otherwise.
       The is_starting_rgid() function returns 1 if the  argument
       is   the   same   as   the  real  GID  at  the  time  when
       set_auth_parameters() was invoked, and  0  otherwise.  The
       is_starting_egid()  function  returns 1 if the argument is
       the  same  as  the  effective  GID  at   the   time   when
       set_auth_parameters() was invoked, and 0 otherwise.

       The  set_auth_parameters()  function is used to retain the
       IDs for future lookup. It also tests the kernel to see  if
       the  security  features have been loaded. If not, the program
 exists with an error message.  It  should  be  called
       first  in a program or there is a chance that it will capture
 an environment different from the conditions  at  the
       program  start.  The  two arguments are the argument count
       and  vector  with  which  the  program  was  called.   The
       check_auth_parameters()     function     verifies     that
       set_auth_parameters() has been previously invoked. If not,
       the program exits.

NOTES    [Toc]    [Back]

       Programs  must call set_auth_parameters() before any other
       action  in  main().   The   program   must   always   call
       set_auth_parameters(argc,argv)  before doing anything that
       changes argc or argv; the other  functions  in  identity.c
       depend  on  this  happening. The argc parameter must be at
       least 1.

       Programs using these functions must be compiled with -lsecurity.

SEE ALSO    [Toc]    [Back]

      
      
       Functions: getuid(2), getgid(2), setuid(2), setgid(2)



                                                      identity(3)
[ Back ]
 Similar pages
Name OS Title
pw_nametoid Tru64 Map between user and group names and IDs (Enhanced Security)
gr_idtoname Tru64 Map between user and group names and IDs (Enhanced Security)
pw_mapping Tru64 Map between user and group names and IDs (Enhanced Security)
gr_nametoid Tru64 Map between user and group names and IDs (Enhanced Security)
pw_idtoname Tru64 Map between user and group names and IDs (Enhanced Security)
time_lock_es Tru64 Check time-of-day locking (Enhanced Security)
sulogin Tru64 single-user login program (Enhanced Security)
locked_out_acct_es Tru64 determine if passwordmanagement disallows user login (Enhanced Security)
auth_for_terminal_es Tru64 determine whether a given user is authorized for login on a given terminal (Enhanced Security)
locked_out_es Tru64 determine if passwordmanagement disallows user login (Enhanced Security)
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service