Date: Mon, 13 Jul 1998 23:20:28 -0500 From: Dan Nelson <dnelson@emsphone.com> To: Stephen Hocking-Senior Programmer PGS Tensor Perth <shocking@prth.pgs.com>, hackers@FreeBSD.ORG Subject: Re: How do you tell (within the kernel) if we started setuid? Message-ID: <19980713232028.A3128@emsphone.com> In-Reply-To: <199807140237.KAA10232@ariadne.tensor.pgs.com>; from "Stephen Hocking-Senior Programmer PGS Tensor Perth" on Tue Jul 14 10:37:46 GMT 1998 References: <199807140237.KAA10232@ariadne.tensor.pgs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[dropped -current list] In the last episode (Jul 14), Stephen Hocking-Senior Programmer PGS Tensor Perth said: > > If you're executing a program that was started setuid root but has > subsequently given up its privileges, is there anyway to tell if it > was originally set uid? >From a quick look at the kernel source, it looks like checking for (p->p_flag & P_SUGID) will do what you want (check to see if the process is 'tainted'). See the issetugid(2) man page for more info, or grep the kernel source for P_SUGID :) -Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980713232028.A3128>