|
Message-Id: <1405441807-5327-1-git-send-email-bcook@openbsd.org> Date: Tue, 15 Jul 2014 16:30:07 +0000 From: Brent Cook <busterb@...il.com> To: musl@...ts.openwall.com Cc: beck@...nbsd.org Subject: [PATCH] implement issetugid(2) (v4) >From OpenBSD 2.0 and later, NetBSD, FreeBSD, OS X and Solaris http://www.openbsd.org/cgi-bin/man.cgi?query=issetugid&sektion=2 While getauxval(AT_SECURE) might have been able to provide comparable functionality on the libc versions that support it, several Linux libc versions implement it in a way such that the results cannot be trusted, since there is no way to tell if it has failed. Worse, the result of '0' returned on failures effectively causes the security mechanism to fail 'open'. There is also no simultaneously reliable and portable way for a library to identify if the C library has a usable version of getauxval, since the symbol is unversioned. Compile-time checks for usability are also unfeasible, since static libraries built with a 'good' version can be linked to a 'bad' version of getauxval. The fix is to implement the BSD issetugid(2) interface so that a portable library can use its presence to determine if the underlying C library has a reliable way of determining if it is running in a secure mode. --- include/unistd.h | 1 + src/unistd/issetugid.c | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 src/unistd/issetugid.c diff --git a/include/unistd.h b/include/unistd.h index bb19cd8..ac6055a 100644 --- a/include/unistd.h +++ b/include/unistd.h @@ -178,6 +178,7 @@ char *getusershell(void); int acct(const char *); long syscall(long, ...); int execvpe(const char *, char *const [], char *const []); +int issetugid(void); #endif #ifdef _GNU_SOURCE diff --git a/src/unistd/issetugid.c b/src/unistd/issetugid.c new file mode 100644 index 0000000..6ffd930 --- /dev/null +++ b/src/unistd/issetugid.c @@ -0,0 +1,7 @@ +#include <unistd.h> +#include "libc.h" + +int issetugid(void) +{ + return libc.secure; +} -- 1.9.1
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.