From owner-freebsd-hackers Tue Jul 14 03:13:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA14569 for freebsd-hackers-outgoing; Tue, 14 Jul 1998 03:13:08 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from frmug.org (frmug-gw.frmug.org [193.56.58.252]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA14564 for ; Tue, 14 Jul 1998 03:13:05 -0700 (PDT) (envelope-from roberto@keltia.freenix.fr) Received: (from uucp@localhost) by frmug.org (8.9.0/frmug-2.3/nospam) with UUCP id MAA17920 for hackers@FreeBSD.ORG; Tue, 14 Jul 1998 12:12:58 +0200 (CEST) (envelope-from roberto@keltia.freenix.fr) Received: (from roberto@localhost) by keltia.freenix.fr (8.9.0.Beta4/keltia-2.14/nospam) id MAA05366 for hackers@FreeBSD.ORG; Tue, 14 Jul 1998 12:06:05 +0200 (CEST) (envelope-from roberto) Message-ID: <19980714120605.A5227@keltia.freenix.fr> Date: Tue, 14 Jul 1998 12:06:05 +0200 From: Ollivier Robert To: hackers@FreeBSD.ORG Subject: Re: How do you tell (within the kernel) if we started setuid? Mail-Followup-To: hackers@FreeBSD.ORG References: <199807140237.KAA10232@ariadne.tensor.pgs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93i In-Reply-To: <199807140237.KAA10232@ariadne.tensor.pgs.com>; from Stephen Hocking-Senior Programmer PGS Tensor Perth on Tue, Jul 14, 1998 at 10:37:46AM +0800 X-Operating-System: FreeBSD 3.0-CURRENT ctm#4462 AMD-K6 MMX @ 225 MHz Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG According to Stephen Hocking-Senior Programmer PGS Tensor Perth: > If you're executing a program that was started setuid root but has > subsequently given up its privileges, is there anyway to tell if it was > originally set uid? There is a system call about this. It looks for a special flag in the process entry. NAME issetugid - is current process tainted by uid or gid changes int issetugid(p, uap) register struct proc *p; struct issetugid_args *uap; { /* * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time, * we use P_SUGID because we consider changing the owners as * "tainting" as well. * This is significant for procs that start as root and "become" * a user without an exec - programs cannot know *everything* * that libc *might* have put in their data segment. */ if (p->p_flag & P_SUGID) return (1); return (0); } -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 3.0-CURRENT #61: Sun Jul 12 14:38:23 CEST 1998 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message