DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

identity(S)


identity -- get or check uids or gids from program start

Syntax

cc . . . -lprot

#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>

void check_auth_parameters ()

int is_starting_egid (gid) ushort gid;

int is_starting_euid (uid) ushort uid;

int is_starting_luid (uid) ushort uid;

int is_starting_ruid (uid) ushort uid;

int is_starting_rgid (gid) ushort gid;

void set_auth_parameters (argc, argv) int argc; char *argv[];

ushort starting_egid ()

ushort starting_euid ()

ushort starting_luid ()

ushort starting_rgid ()

ushort starting_ruid ()

Description

check_auth_parameters- verify that set_auth_parameters has been perviously invoked

is_starting_egid (gid)- check current effective GID against retained ID

is_starting_euid (uid)- check current effective UID against retained ID

is_starting_luid (uid)- check current login UID against retained ID

is_starting_ruid (uid)- check current real UID against retained ID

is_starting_rgid (gid)- check current real GID against retained ID

set_auth_parameters- retain IDs for future lookup

starting_egid- returns the effective GID

starting_euid- returns the effective UID

starting_luid- returns the login UID

starting_rgid- returns the real GID

starting_ruid- returns the real UID

These routines provide a way to recall the IDs of a process at the time the program started. They are useful when interrogating the invoking environment of a program after any setuid(S) or setgid(S) calls have been made so that the original environment can be captured.

starting_luid returns the login UID for the process as it was set in the beginning of the program. The login UID is the immutable stamp for the process and accurately denotes the account under which the session is being run, regardless of subsequent setuid(S) calls. starting_ruid returns the real UID for the process as it was set in the beginning of the program. Similarly, starting_euid returns the effective UID, starting_rgid returns the real GID, and starting_egid returns the effective GID, These IDs may not be the same as those returned by getluid(S), getuid(S), geteuid(S), getgid(S), or getegid(S), respectively, because intervening calls to setluid(S), setuid(S) or setgid(S) can change the latter set while the former set remains the same.

The routine is_starting_luid returns 1 if the argument is the same as the login UID at the time when set_auth_parameters was invoked, and 0 otherwise. Similarly, is_starting_ruid returns 1 if the argument is the same as the real UID at the time when set_auth_parameters was invoked, and 0 otherwise; is_starting_euid returns 1 if the argument is the same as the effective UID at the time when set_auth_parameters was invoked, and 0 otherwise; is_starting_rgid returns 1 if the argument is the same as the real GID at the time when set_auth_parameters was invoked, and 0 otherwise; and is_starting_egid returns 1 if the argument is the same as the effective GID at the time when set_auth_parameters was invoked, and 0 otherwise.

The set_auth_parameters routine is used to retain the IDs for future lookup. It also tests the kernel to see if the C2 security features have been loaded. If not, the program exists with an error message. It should be called first in a program or there is a chance that it captures an environment different from the program beginning. The two arguments are the argument count and vector with which the program was called. check_auth_parameters verifies that set_auth_parameters has been previously invoked. If not, the program exits. If so, nothing happens.

Notes

These routines only work as advertised when set_auth_parameters is called as the first item in main().

set_auth_parameters resets the umask in the calling process to 077.

See also

getegid(S), geteuid(S), getgid(S), getuid(S)

Standards conformance

identity is an extension of AT&T System V provided by the Santa Cruz Operation.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003