Re: issetugid() for other procs
On Sun, 7 Oct 2007 21:04:02 +0300
Kostik Belousov <kostikbel@gmail.com> wrote:
> On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote:
> > On Sun, 07 Oct 2007 18:25:57 +0200
> > Jan M?nther <jan.muenther@nruns.com> wrote:
> >
> > > man getuid, man geteuid.
> >
> > This does work for other procs, only the one that is calling it.
> >
> > Like I said initially I am looking to check if another proc has
> > run setuid, seteuid, or been executed or forked by one that has.
>
> Note that what you trying to do is racy by definition.
Why is that? It seems like something that be useful instead of
something taboo. My interest in it is I am writing a database
connector interested in making it paranoid as possible.
> To get the value of issetugid() for some other process, as it
> _could_ be returned at some moment in a time, you shall check the
> P_SUGID bit of the p_flag from the corresponding struct proc. This
> is available by the kvm_getprocs(3) interface in the ki_flag field
> of the kinfo_proc structure, see corresponding man page.
Awesome, I will begin investigating this.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 7 篇):