[PATCH] libc: add issetugid()
Anthony G. Basile
basile at opensource.dyc.edu
Sun Jul 27 17:20:46 UTC 2014
On 07/27/14 05:36, Rich Felker wrote:
> On Sat, Jul 26, 2014 at 08:12:53AM -0400, Anthony G. Basile wrote:
>> On 07/24/14 16:41, Bernhard Reutner-Fischer wrote:
>>> On Wed, Jul 23, 2014 at 07:28:26AM -0400, Anthony G. Basile wrote:
>>>> I should add that this updated patch addresses Rich's points: 1) I've tested
>>>> this for both dynamic and static linking and I tested that libressl builds
>>>> and works correctly. 2) I added a link to the musl commit for the reasoning
>>>> behind this approach.
>>>>
>>>> On 07/22/14 13:27, basile at opensource.dyc.edu wrote:
>>>>> From: "Anthony G. Basile" <blueness at gentoo.org>
>>>>>
>>>>> issetugid() returns 1 if the process environment or memory address space
>>>>> is considered tainted, and returns 0 otherwise. This happens, for example,
>>>>> when a process's privileges are elevated by the setuid or setgid flags on
>>>>> an executable belonging to root. This function first appeard in OpenBSD 2.0
>>>>> and is needed for the LibreSSL.
>>>>>
>>>>> This patch follows the same logic as the equivalent musl commit. For more
>>>>> information see the commit message at
>>>>>
>>>>> http://git.musl-libc.org/cgit/musl/commit/?id=ddddec106fd17c3aca3287005d21e92f742aa9d4
>>>>> ---
>>>>> include/unistd.h | 8 ++++++++
>>>>> libc/misc/file/issetugid.c | 12 ++++++++++++
>>>>> libc/misc/internals/__uClibc_main.c | 12 ++++++++++++
>>>>> 3 files changed, 32 insertions(+)
>>>>> create mode 100644 libc/misc/file/issetugid.c
>>>>>
>>>>> diff --git a/include/unistd.h b/include/unistd.h
>>>>> index 540062a..6c2c8c2 100644
>>>>> --- a/include/unistd.h
>>>>> +++ b/include/unistd.h
>>>>> @@ -1168,6 +1168,14 @@ extern long int syscall (long int __sysno, ...) __THROW;
>>>>>
>>>>> #endif /* Use misc. */
>>>>>
>>>>> +#ifdef __USE_MISC
>>>
>>> is MISC (or MISC alone) an appropriate guard?
>>
>> I had a hard time (and still have a hard time) deciding this even
>> after carefully reading include/features.h. The function started in
>> openbsd and migrated to free and netbsd, but its not in 4.3BSD.
>> _USE_MISC is looser but does include SYS V. I'm thinking now to
>> just remove the guard. I did speak to Rich about what musl's doing
>> but it doesn't seem appropriate here.
>>
>> If there are no strong opinions, I'll just remove the guard and
>> resubmit in a few days.
>>
>> Your other comments below are good.
>
> I don't think removing the guard would be correct at all; that would
> expose it even in profiles where the namespace is supposed to conform
> to POSIX/XSI. If __USE_MISC is inappropriate, the solution would be to
> move it to a more-inclusive featureset, not a less-inclusive one.
>
> Rich
>
Yeah since unistd.h is POSIX/XSI and issetugid is not, I guess you
really do need *some* guard. As I see it, we have only two
possibilities (from include/features.h):
__USE_BSD Define 4.3BSD things.
__USE_MISC Define things common to BSD and System V Unix.
The other choices _USE_POSIX* _USE_XOPEN* _USE_GNU etc are clearly wrong.
issetugid is not in 4.3BSD, and MISC is more inclusive, hence my
original choice.
So now I'm leaning back using __USE_MISC.
--
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197
More information about the uClibc
mailing list