[PATCH] libc: add issetugid()

basile at opensource.dyc.edu basile at opensource.dyc.edu
Tue Jul 22 00:53:19 UTC 2014


From: "Anthony G. Basile" <blueness at gentoo.org>

issetugid() returns 1 if the process environment or memory address space
is considered tainted, and returns 0 otherwise.  This happens, for example,
when a process's privileges are elevated by the setuid or setgid flags on
an executable belonging to root.  This function first appeared in OpenBSD 2.0
and is needed for LibreSSL.
---
 include/unistd.h           |  8 ++++++++
 ldso/include/ldso.h        |  1 +
 ldso/ldso/ldso.c           |  2 +-
 libc/misc/file/issetugid.c | 11 +++++++++++
 4 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 libc/misc/file/issetugid.c

diff --git a/include/unistd.h b/include/unistd.h
index 540062a..f73daf0 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -1168,6 +1168,14 @@ extern long int syscall (long int __sysno, ...) __THROW;
 
 #endif	/* Use misc.  */
 
+#ifdef __USE_MISC
+/* issetugid() returns 1 if the process environment or memory address space
+   is considered tainted, and returns 0 otherwise.  This happens, for example,
+   when a process's privileges are elevated by the setuid or setgid flags on
+   an executable belonging to root.
+*/
+extern int issetugid(void);
+#endif
 
 #if (defined __USE_MISC || defined __USE_XOPEN_EXTENDED) && !defined F_LOCK
 /* NOTE: These declarations also appear in <fcntl.h>; be sure to keep both
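Review bot: The new prototype `extern int issetugid(void);` omits `__THROW`, unlike the `syscall` declaration shown in the hunk header, and it opens a second `#ifdef __USE_MISC` directly after an `#endif /* Use misc. */`. I would write `extern int issetugid (void) __THROW;` and, if that `#endif` does close a `__USE_MISC` block, move the declaration inside it instead of adding a new guard. The comment could also state the contract callers rely on: a non-zero result means the environment and other inherited state must not be trusted.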
diff --git a/ldso/include/ldso.h b/ldso/include/ldso.h
index e237885..fd4e842 100644
--- a/ldso/include/ldso.h
+++ b/ldso/include/ldso.h
@@ -76,6 +76,7 @@ struct init_fini_list {
 /* Global variables used within the shared library loader */
 extern char *_dl_library_path;         /* Where we look for libraries */
 extern char *_dl_preload;              /* Things to be loaded before the libs */
+extern int _dl_secure;                 /* Are we dealing with setuid stuff? */
 #ifdef __LDSO_SEARCH_INTERP_PATH__
 extern const char *_dl_ldsopath;       /* Where the shared lib loader was found */
 #endif
diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c
index 5619629..ed5a8c1 100644
--- a/ldso/ldso/ldso.c
+++ b/ldso/ldso/ldso.c
@@ -64,7 +64,7 @@ struct elf_resolve *_dl_trace_prelink_map    = NULL;	/* Library module for preli
 bool _dl_verbose				= true;					/* On by default */
 bool prelinked					= false;
 #endif
-int _dl_secure = 1; /* Are we dealing with setuid stuff? */
+_dl_secure = 1; /* Assume we dealing with setuid stuff. */
 
 #ifdef __SUPPORT_LD_DEBUG__
 char *_dl_debug           = NULL;
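Review bot: The new definition `_dl_secure = 1;` drops the `int` type specifier, so at file scope it relies on implicit int, which C99 and later do not allow and which GCC accepts in older modes only with a warning. Keep the type and change only the comment: `int _dl_secure = 1; /* Assume we are dealing with setuid stuff. */`. The fail-closed initial value of 1 should stay, because this patch makes issetugid() return this variable directly.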
diff --git a/libc/misc/file/issetugid.c b/libc/misc/file/issetugid.c
new file mode 100644
index 0000000..696a932
--- /dev/null
+++ b/libc/misc/file/issetugid.c
@@ -0,0 +1,11 @@
+/* Copyright (C) 2013 Gentoo Foundation
+ * Licensed under LGPL v2.1 or later, see the file COPYING.LIB in this tarball.
+ */
+
+#include <unistd.h>
+#include "ldso.h"
+
+int issetugid(void)
+{
+	return _dl_secure;
+}
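Review bot: issetugid() returns `_dl_secure` with no comment on where the value comes from or what happens when the dynamic loader is not involved. The only definition visible in this patch is in ldso/ldso/ldso.c, so in a statically linked program the symbol would presumably be undefined or never updated, and a wrong 0 is fail-open for callers such as LibreSSL that use the result to decide whether to trust the environment. I would add a comment like `/* _dl_secure is defined in ldso.c and initialised to 1 (assume tainted) */` and give static builds an explicit path, for example `return getuid() != geteuid() || getgid() != getegid();`, documented as a weaker check than the loader's. It should also be confirmed that libc can resolve this loader-private variable through `ldso.h` in every build configuration.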
-- 
1.8.5.5


