1 /* $NetBSD: set_eugid.c,v 1.1.1.1 2009/06/23 10:09:00 tron Exp $ */ 2 3 /*++ 4 /* NAME 5 /* set_eugid 3 6 /* SUMMARY 7 /* set effective user and group attributes 8 /* SYNOPSIS 9 /* #include <set_eugid.h> 10 /* 11 /* void set_eugid(euid, egid) 12 /* uid_t euid; 13 /* gid_t egid; 14 /* 15 /* void SAVE_AND_SET_EUGID(uid, gid) 16 /* uid_t uid; 17 /* gid_t gid; 18 /* 19 /* void RESTORE_SAVED_EUGID() 20 /* DESCRIPTION 21 /* set_eugid() sets the effective user and group process attributes 22 /* and updates the process group access list to be just the specified 23 /* effective group id. 24 /* 25 /* SAVE_AND_SET_EUGID() opens a block that executes with the 26 /* specified privilege. RESTORE_SAVED_EUGID() closes the block. 27 /* DIAGNOSTICS 28 /* All system call errors are fatal. 29 /* SEE ALSO 30 /* seteuid(2), setegid(2), setgroups(2) 31 /* LICENSE 32 /* .ad 33 /* .fi 34 /* The Secure Mailer license must be distributed with this software. 35 /* AUTHOR(S) 36 /* Wietse Venema 37 /* IBM T.J. Watson Research 38 /* P.O. Box 704 39 /* Yorktown Heights, NY 10598, USA 40 /*--*/ 41 42 /* System library. */ 43 44 #include <sys_defs.h> 45 #include <unistd.h> 46 #include <grp.h> 47 #include <errno.h> 48 49 /* Utility library. */ 50 51 #include "msg.h" 52 #include "set_eugid.h" 53 54 /* set_eugid - set effective user and group attributes */ 55 56 void set_eugid(uid_t euid, gid_t egid) 57 { 58 int saved_errno = errno; 59 60 if (geteuid() != 0) 61 if (seteuid(0)) 62 msg_fatal("set_eugid: seteuid(0): %m"); 63 if (setegid(egid) < 0) 64 msg_fatal("set_eugid: setegid(%ld): %m", (long) egid); 65 if (setgroups(1, &egid) < 0) 66 msg_fatal("set_eugid: setgroups(%ld): %m", (long) egid); 67 if (euid != 0 && seteuid(euid) < 0) 68 msg_fatal("set_eugid: seteuid(%ld): %m", (long) euid); 69 if (msg_verbose) 70 msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid); 71 errno = saved_errno; 72 } 73