diff mbox

libc: add issetugid()

Message ID 1406562862-29284-1-git-send-email-basile@opensource.dyc.edu
State Accepted
Commit 94246e65e20b5390d53858447526b231ef1afd67
Headers show

Commit Message

Anthony Basile July 28, 2014, 3:54 p.m. UTC
From: "Anthony G. Basile" <blueness@gentoo.org>

issetugid() returns 1 if the process environment or memory address space
is considered tainted, and returns 0 otherwise.  This happens, for example,
when a process's privileges are elevated by the setuid or setgid flags on
an executable belonging to root.  This function first appeard in OpenBSD 2.0
and is needed for the LibreSSL.

This patch follows the same logic as the equivalent musl commit.  For more
information see the commit message at

http://git.musl-libc.org/cgit/musl/commit/?id=ddddec106fd17c3aca3287005d21e92f742aa9d4
---
 include/unistd.h                    | 14 ++++++++++++++
 libc/misc/file/issetugid.c          | 10 ++++++++++
 libc/misc/internals/__uClibc_main.c | 11 +++++++++++
 3 files changed, 35 insertions(+)
 create mode 100644 libc/misc/file/issetugid.c

Comments

Bernhard Reutner-Fischer Aug. 18, 2014, 1:22 p.m. UTC | #1
On Mon, Jul 28, 2014 at 11:54:22AM -0400, basile@opensource.dyc.edu wrote:
> From: "Anthony G. Basile" <blueness@gentoo.org>
> 
> issetugid() returns 1 if the process environment or memory address space
> is considered tainted, and returns 0 otherwise.  This happens, for example,
> when a process's privileges are elevated by the setuid or setgid flags on
> an executable belonging to root.  This function first appeard in OpenBSD 2.0
> and is needed for the LibreSSL.
> 
> This patch follows the same logic as the equivalent musl commit.  For more
> information see the commit message at
> 
> http://git.musl-libc.org/cgit/musl/commit/?id=ddddec106fd17c3aca3287005d21e92f742aa9d4

Applied, thanks!
diff mbox

Patch

diff --git a/include/unistd.h b/include/unistd.h
index 540062a..967e058 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -1168,6 +1168,20 @@  extern long int syscall (long int __sysno, ...) __THROW;
 
 #endif	/* Use misc.  */
 
+/* Are we in a secure process environment or are we dealing with setuid
+ * stuff?  This value is returned by issetugid().
+ */
+extern int _pe_secure;
+libc_hidden_proto(_pe_secure)
+
+#ifdef __USE_BSD
+/* issetugid() returns 1 if the process environment or memory address space
+   is considered tainted, and returns 0 otherwise.  This happens, for example,
+   when a process's privileges are elevated by the setuid or setgid flags on
+   an executable belonging to root.
+*/
+extern int issetugid(void);
+#endif
 
 #if (defined __USE_MISC || defined __USE_XOPEN_EXTENDED) && !defined F_LOCK
 /* NOTE: These declarations also appear in <fcntl.h>; be sure to keep both
diff --git a/libc/misc/file/issetugid.c b/libc/misc/file/issetugid.c
new file mode 100644
index 0000000..6756a1e
--- /dev/null
+++ b/libc/misc/file/issetugid.c
@@ -0,0 +1,10 @@ 
+/* Copyright (C) 2013 Gentoo Foundation
+ * Licensed under LGPL v2.1 or later, see the file COPYING.LIB in this tarball.
+ */
+
+#include <unistd.h>
+
+int issetugid(void)
+{
+	return _pe_secure;
+}
diff --git a/libc/misc/internals/__uClibc_main.c b/libc/misc/internals/__uClibc_main.c
index a37751f..d860137 100644
--- a/libc/misc/internals/__uClibc_main.c
+++ b/libc/misc/internals/__uClibc_main.c
@@ -40,6 +40,14 @@ 
 #include <locale.h>
 #endif
 
+/* Are we in a secure process environment or are we dealing
+ * with setuid stuff?  If we are dynamically linked, then we
+ * already have _dl_secure, otherwise we need to re-examine
+ * auxvt[] below.
+ */
+int _pe_secure = 0;
+libc_hidden_data_def(_pe_secure)
+
 #ifndef SHARED
 void *__libc_stack_end = NULL;
 
@@ -388,10 +396,13 @@  void __uClibc_main(int (*main)(int, char **, char **), int argc,
     if (_dl_secure)
 #endif
     {
+	_pe_secure = 1 ;
 	__check_one_fd (STDIN_FILENO, O_RDONLY | O_NOFOLLOW);
 	__check_one_fd (STDOUT_FILENO, O_RDWR | O_NOFOLLOW);
 	__check_one_fd (STDERR_FILENO, O_RDWR | O_NOFOLLOW);
     }
+    else
+	_pe_secure = 0 ;
 #endif
 
     __uclibc_progname = *argv;