-rw-r--r-- | include/unistd.h | 14 | ||||
-rw-r--r-- | libc/misc/file/issetugid.c | 10 | ||||
-rw-r--r-- | libc/misc/internals/__uClibc_main.c | 11 |
3 files changed, 35 insertions, 0 deletions
diff --git a/include/unistd.h b/include/unistd.h
index 540062a42..967e058a3 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -1168,6 +1168,20 @@ extern long int syscall (long int __sysno, ...) __THROW;
 #endif /* Use misc. */
+/* Are we in a secure process environment or are we dealing with setuid
+ * stuff? This value is returned by issetugid().
+ */
+extern int _pe_secure;
+libc_hidden_proto(_pe_secure)
+
+#ifdef __USE_BSD
+/* issetugid() returns 1 if the process environment or memory address space
+ is considered tainted, and returns 0 otherwise. This happens, for example,
+ when a process's privileges are elevated by the setuid or setgid flags on
+ an executable belonging to root.
+*/
+extern int issetugid(void);
+#endif
 #if (defined __USE_MISC || defined __USE_XOPEN_EXTENDED) && !defined F_LOCK
 /* NOTE: These declarations also appear in <fcntl.h>; be sure to keep both
diff --git a/libc/misc/file/issetugid.c b/libc/misc/file/issetugid.c
new file mode 100644
index 000000000..6756a1e85
--- /dev/null
+++ b/libc/misc/file/issetugid.c
@@ -0,0 +1,10 @@
+/* Copyright (C) 2013 Gentoo Foundation
+ * Licensed under LGPL v2.1 or later, see the file COPYING.LIB in this tarball.
+ */
+
+#include <unistd.h>
+
+int issetugid(void)
+{
+ return _pe_secure;
+}
diff --git a/libc/misc/internals/__uClibc_main.c b/libc/misc/internals/__uClibc_main.c
index a37751f2d..1f1e601e8 100644
--- a/libc/misc/internals/__uClibc_main.c
+++ b/libc/misc/internals/__uClibc_main.c
@@ -40,6 +40,14 @@
 #include <locale.h>
 #endif
+/* Are we in a secure process environment or are we dealing
+ * with setuid stuff? If we are dynamically linked, then we
+ * already have _dl_secure, otherwise we need to re-examine
+ * auxvt[] below.
+ */
+int _pe_secure = 0;
+libc_hidden_data_def(_pe_secure)
+
 #ifndef SHARED
 void *__libc_stack_end = NULL;
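Review bot: `extern int _pe_secure;` is added to the public header outside both the `__USE_BSD` block and any libc-internal guard, so every program that includes <unistd.h> sees a declaration of the writable variable that backs issetugid(). Only issetugid() is meant to be the interface, so the declaration would sit better in an internal header or under the guard this tree uses for libc-private declarations; whether the header install step already strips it is not visible here. The issetugid() comment also limits the example to "an executable belonging to root", although set-id bits change the effective IDs for any owner; `by the setuid or setgid flags on an executable` without the owner would be accurate.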
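Review bot: issetugid() returns whatever `_pe_secure` held after startup and nothing in this commit updates it later, so the result is a one-time snapshot that the new file does not document. The BSD manual pages also treat a process as tainted once it has changed its real, effective or saved IDs since it began execution, and code ported from BSD that uses this call to decide whether to trust environment variables or search paths may rely on that. A comment above the function would make the narrower contract explicit, for example `/* Returns the set-id state recorded at program start; later setuid()/setgid() calls do not change the result. */`.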
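Review bot: `int _pe_secure = 0;` makes "not set-id" the default, so any caller of issetugid() that runs before __uClibc_main reaches the assignment in the later hunk gets the permissive answer. Which code can run that early (constructors of shared objects, for instance) is outside this hunk and should be checked rather than assumed. The comment says the dynamically linked case already has `_dl_secure`, but no assignment from it is visible here; the comment should state where the value is actually set, e.g. `/* Set once in __uClibc_main(); reads as 0 until then. */`, or the variable could start at 1 so that an early query fails closed.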
@@ -391,7 +399,10 @@ void __uClibc_main(int (*main)(int, char **, char **), int argc,
 __check_one_fd (STDIN_FILENO, O_RDONLY | O_NOFOLLOW);
 __check_one_fd (STDOUT_FILENO, O_RDWR | O_NOFOLLOW);
 __check_one_fd (STDERR_FILENO, O_RDWR | O_NOFOLLOW);
+ _pe_secure = 1 ;
 }
+ else
+ _pe_secure = 0 ;
 #endif
 __uclibc_progname = *argv; |
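Review bot: Both assignments to `_pe_secure` sit inside the preprocessor conditional that ends at the `#endif` just below them, and its opening `#if` and the `if` condition are outside this hunk. If that conditional is compiled out in some configuration, `_pe_secure` keeps its initial 0 and issetugid() reports an untainted process even for a set-id binary, so the result of the set-id test should be stored independently of whether the descriptor checks are built. As a matter of style, the new `else` is unbraced next to a braced `if` body and there is a space before the semicolon; `} else { _pe_secure = 0; }` would match the block above, and the branch only repeats the initialiser. The enclosing function continues outside the hunk.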