diff mbox

libc: add issetugid()

Message ID 1405990399-5167-1-git-send-email-basile@opensource.dyc.edu
State Superseded
Headers show

Commit Message

Anthony Basile July 22, 2014, 12:53 a.m. UTC 
From: "Anthony G. Basile" <blueness@gentoo.org>

issetugid() returns 1 if the process environment or memory address space
is considered tainted, and returns 0 otherwise.  This happens, for example,
when a process's privileges are elevated by the setuid or setgid flags on
an executable belonging to root.  This function first appeard in OpenBSD 2.0
and is needed for the LibreSSL.
---
 include/unistd.h           |  8 ++++++++
 ldso/include/ldso.h        |  1 +
 ldso/ldso/ldso.c           |  2 +-
 libc/misc/file/issetugid.c | 11 +++++++++++
 4 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 libc/misc/file/issetugid.c

Comments

Rich Felker July 22, 2014, 2:44 a.m. UTC | #1 
On Mon, Jul 21, 2014 at 08:53:19PM -0400, basile@opensource.dyc.edu wrote:
> From: "Anthony G. Basile" <blueness@gentoo.org>
> 
> issetugid() returns 1 if the process environment or memory address space
> is considered tainted, and returns 0 otherwise.  This happens, for example,
> when a process's privileges are elevated by the setuid or setgid flags on
> an executable belonging to root.  This function first appeard in OpenBSD 2.0
> and is needed for the LibreSSL.

Looking at your patch, I think you missed the static linking case. It
might also be nice to mention that this interface was just added in
musl after a bit of discussion with people from the BSD and glibc
sides. The commit message with rationale is here:

http://git.musl-libc.org/cgit/musl/commit/?id=ddddec106fd17c3aca3287005d21e92f742aa9d4

Rich
diff mbox

Patch

diff --git a/include/unistd.h b/include/unistd.h
index 540062a..f73daf0 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -1168,6 +1168,14 @@  extern long int syscall (long int __sysno, ...) __THROW;
 
 #endif	/* Use misc.  */
 
+#ifdef __USE_MISC
+/* issetugid() returns 1 if the process environment or memory address space
+   is considered tainted, and returns 0 otherwise.  This happens, for example,
+   when a process's privileges are elevated by the setuid or setgid flags on
+   an executable belonging to root.
+*/
+extern int issetugid(void);
+#endif
 
 #if (defined __USE_MISC || defined __USE_XOPEN_EXTENDED) && !defined F_LOCK
 /* NOTE: These declarations also appear in <fcntl.h>; be sure to keep both
diff --git a/ldso/include/ldso.h b/ldso/include/ldso.h
index e237885..fd4e842 100644
--- a/ldso/include/ldso.h
+++ b/ldso/include/ldso.h
@@ -76,6 +76,7 @@  struct init_fini_list {
 /* Global variables used within the shared library loader */
 extern char *_dl_library_path;         /* Where we look for libraries */
 extern char *_dl_preload;              /* Things to be loaded before the libs */
+extern int _dl_secure;                 /* Are we dealing with setuid stuff? */
 #ifdef __LDSO_SEARCH_INTERP_PATH__
 extern const char *_dl_ldsopath;       /* Where the shared lib loader was found */
 #endif
diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c
index 5619629..ed5a8c1 100644
--- a/ldso/ldso/ldso.c
+++ b/ldso/ldso/ldso.c
@@ -64,7 +64,7 @@  struct elf_resolve *_dl_trace_prelink_map    = NULL;	/* Library module for preli
 bool _dl_verbose				= true;					/* On by default */
 bool prelinked					= false;
 #endif
-int _dl_secure = 1; /* Are we dealing with setuid stuff? */
+_dl_secure = 1; /* Assume we dealing with setuid stuff. */
 
 #ifdef __SUPPORT_LD_DEBUG__
 char *_dl_debug           = NULL;
diff --git a/libc/misc/file/issetugid.c b/libc/misc/file/issetugid.c
new file mode 100644
index 0000000..696a932
--- /dev/null
+++ b/libc/misc/file/issetugid.c
@@ -0,0 +1,11 @@ 
+/* Copyright (C) 2013 Gentoo Foundation
+ * Licensed under LGPL v2.1 or later, see the file COPYING.LIB in this tarball.
+ */
+
+#include <unistd.h>
+#include "ldso.h"
+
+int issetugid(void)
+{
+	return _dl_secure;
+}