#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>

void check_auth_parameters ()
int is_starting_egid (gid) ushort gid;
int is_starting_euid (uid) ushort uid;
int is_starting_luid (uid) ushort uid;
int is_starting_ruid (uid) ushort uid;
int is_starting_rgid (gid) ushort gid;
void set_auth_parameters (argc, argv) int argc; char *argv[];
ushort starting_egid ()
ushort starting_euid ()
ushort starting_luid ()
ushort starting_rgid ()
ushort starting_ruid ()
is_starting_egid (gid) - check current effective GID against retained ID
is_starting_euid (uid) - check current effective UID against retained ID
is_starting_luid (uid) - check current login UID against retained ID
is_starting_ruid (uid) - check current real UID against retained ID
is_starting_rgid (gid) - check current real GID against retained ID
set_auth_parameters - retain IDs for future lookup
starting_egid - returns the effective GID
starting_euid - returns the effective UID
starting_luid - returns the login UID
starting_rgid - returns the real GID
starting_ruid - returns the real UID
These routines provide a way to recall the IDs of a process at the time the program started. They are useful when interrogating the invoking environment of a program after any setuid(S) or setgid(S) calls have been made so that the original environment can be captured.
starting_luid returns the login UID for the process as it was set at the beginning of the program. The login UID is the immutable stamp for the process and accurately denotes the account under which the session is being run, regardless of subsequent setuid(S) calls. starting_ruid returns the real UID for the process as it was set at the beginning of the program. Similarly, starting_euid returns the effective UID, starting_rgid returns the real GID, and starting_egid returns the effective GID. These IDs may not be the same as those returned by getluid(S), getuid(S), geteuid(S), getgid(S), or getegid(S), respectively, because intervening calls to setluid(S), setuid(S) or setgid(S) can change the latter set while the former set remains the same.
The routine is_starting_luid returns 1 if the argument is the same as the login UID at the time when set_auth_parameters was invoked, and 0 otherwise. Similarly, is_starting_ruid returns 1 if the argument is the same as the real UID at the time when set_auth_parameters was invoked, and 0 otherwise; is_starting_euid returns 1 if the argument is the same as the effective UID at the time when set_auth_parameters was invoked, and 0 otherwise; is_starting_rgid returns 1 if the argument is the same as the real GID at the time when set_auth_parameters was invoked, and 0 otherwise; and is_starting_egid returns 1 if the argument is the same as the effective GID at the time when set_auth_parameters was invoked, and 0 otherwise.
The set_auth_parameters routine is used to retain the IDs for future lookup. It also tests the kernel to see if the C2 security features have been loaded. If not, the program exits with an error message. It should be the first call in a program; otherwise it may capture an environment different from the one in effect when the program began. The two arguments are the argument count and vector with which the program was called. check_auth_parameters verifies that set_auth_parameters has been previously invoked. If not, the program exits. If so, nothing happens.
set_auth_parameters resets the umask in the calling process to 077.
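The retain-then-compare behaviour described above, as an added portable sketch built on POSIX calls; it is not the <prot.h> implementation and not code from this manual page. The names retain_ids, require_retained, was_starting_* and drop_to_invoker are hypothetical, and the login UID and the C2 kernel test are left out.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical stand-ins built on POSIX calls; not the <prot.h> routines. */
static struct { int set; uid_t ruid, euid; gid_t rgid, egid; } start_ids;

/* Snapshot the IDs before any setuid/setgid call, and tighten the umask. */
void retain_ids(void)
{
    start_ids.ruid = getuid();
    start_ids.euid = geteuid();
    start_ids.rgid = getgid();
    start_ids.egid = getegid();
    umask(077);
    start_ids.set = 1;
}

/* Exit if the snapshot was never taken, so no check runs on zeroed IDs. */
void require_retained(void)
{
    if (start_ids.set) return;
    fprintf(stderr, "starting IDs were never retained\n");
    exit(1);
}

int was_starting_ruid(uid_t uid) { require_retained(); return uid == start_ids.ruid; }
int was_starting_euid(uid_t uid) { require_retained(); return uid == start_ids.euid; }
int was_starting_rgid(gid_t gid) { require_retained(); return gid == start_ids.rgid; }
int was_starting_egid(gid_t gid) { require_retained(); return gid == start_ids.egid; }

/* Drop to the invoking user, group first; returns 1 on success, 0 on failure. */
int drop_to_invoker(void)
{
    require_retained();
    if (setgid(start_ids.rgid) != 0 || setuid(start_ids.ruid) != 0) return 0;
    return geteuid() == start_ids.ruid && getegid() == start_ids.rgid;
}

int main(void)
{
    retain_ids();                       /* must precede any setuid/setgid call */
    uid_t installed_as = geteuid();     /* differs from getuid() when set-UID */
    if (!drop_to_invoker()) return 1;
    printf("started with euid %ld: %d\n", (long)installed_as, was_starting_euid(installed_as));
    return 0;
}
```

In a set-UID program, geteuid() reports the invoking user after the drop, while the snapshot still answers which effective UID the program started with.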