-rw-r--r-- | lib/libc/sys/issetugid.2 | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/lib/libc/sys/issetugid.2 b/lib/libc/sys/issetugid.2 index 975878f07cc..4da99a124dd 100644 --- a/lib/libc/sys/issetugid.2 +++ b/lib/libc/sys/issetugid.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: issetugid.2,v 1.9 1997/04/10 09:41:22 deraadt Exp $ +.\" $OpenBSD: issetugid.2,v 1.10 1997/07/04 23:58:59 deraadt Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -45,17 +45,20 @@ The .Fn issetugid function returns 1 if the process was made setuid or setgid as -the result of the last +the result of the last or other previous .Fn execve -system call. +system calls. Otherwise it returns 0. .Pp This system call exists so that library routines (inside libtermlib, libc, or other libraries) can gaurantee safe behavior when used inside setuid or setgid programs. -Some library routines may not be passed sufficient information to know -if the current program was started setuid or setgid because higher level -calling code may have made changes to the uid or the euid. +Some library routines may be passed insufficient information and hence +not know whether the current program was started setuid or setgid +because higher level calling code may have made changes to the uid, euid, +gid, or egid. +Hence these low-level library routines are unable to determine if they +are being run with elevated or normal priveledges. .Pp In particular, it is wise to use this call to determine if a pathname returned from a 
@@ -75,12 +78,19 @@ or other such calls. In case of a .Fn fork , the child process inherits the same status. +.Pp The status of .Fn issetugid is only affected by -.Fn execve , -meaning that if a child process executes a new binary a new -status will be determined based on the executable file modes. +.Fn execve . +If a child process executes a new executable file, a new issetuid +status will be determined. +This status is based on the existing process' uid, euid, gid, +and egid permissions and on the modes of the executable file. +If the new executable file modes are setuid or setgid, or if +the existing process is executing the new image with +uid != euid or gid != egid, the new process will be considered +issetugid. .Sh ERRORS The .Fn issetugid |
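Review bot: "priveledges" in the last added line of the @@ -45,17 +45,20 @@ hunk is misspelled and should read "privileges". The two added sentences in that hunk also both turn on "hence" ("and hence not know whether", "Hence these low-level library routines"), and the second mostly restates the first, so they could be merged into one. The unchanged context line "can gaurantee safe behavior" has a typo as well ("guarantee") and is close enough to the edited text to fix in the same commit.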
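Review bot: the added line "a new issetuid status will be determined" in the @@ -75,12 +78,19 @@ hunk drops the "g" from the name, while the function and the final added line of the same hunk say "issetugid"; use "issetugid" in both places so a reader does not take them for two different states. Since the text elsewhere marks the name up with .Fn, consider doing the same for these two uses. The new rule itself (setuid or setgid file modes, or uid != euid or gid != egid at exec time) agrees with the "last or other previous" wording introduced in the earlier hunk.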