issetugid(2)
NAME
issetugid - is current process tainted by uid or gid changes
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <unistd.h> int issetugid(void);
DESCRIPTION
- The issetugid() system call returns 1 if the process envi
- ronment or memory address space is considered ``tainted'', and returns 0
- otherwise.
- A process is tainted if it was created as a result of an ex
- ecve(2) system
call which had either of the setuid or setgid bits set (and - extra privileges were given as a result) or if it has changed any of
- its real,
effective or saved user or group ID's since it began execu - tion.
- This system call exists so that library routines (eg: libc,
- libtermcap)
can reliably determine if it is safe to use information that - was obtained
from the user, in particular the results from getenv(3) - should be viewed
with suspicion if it is used to control operation. - A ``tainted'' status is inherited by child processes as a
- result of the
fork(2) system call (or other library code that calls fork, - such as
popen(3)). - It is assumed that a program that clears all privileges as
- it prepares to
execute another will also reset the environment, hence the - ``tainted''
status will not be passed on. This is important for pro - grams such as
su(1) which begin setuid but need to be able to create an - untainted process.
ERRORS
- The issetugid() system call is always successful, and no re
- turn value is
reserved to indicate an error.
SEE ALSO
HISTORY
- The issetugid() system call first appeared in OpenBSD 2.0
- and was also
implemented in FreeBSD 3.0. - BSD August 25, 1996