/* $NetBSD: unsafe.c,v 1.1.1.1 2009/06/23 10:09:01 tron Exp $ */

/*++
/* NAME
/*	unsafe 3
/* SUMMARY
/*	are we running at non-user privileges
/* SYNOPSIS
/*	#include <safe.h>
/*
/*	int	unsafe()
/* DESCRIPTION
/*	The \fBunsafe()\fR routine attempts to determine if the process runs
/*	with any privileges that do not belong to the user. The purpose is
/*	to make it easy to taint any user-provided data such as the current
/*	working directory, the process environment, etcetera.
/*
/*	On UNIX systems, the result is true when any of the following
/*	conditions is true:
/* .IP \(bu
/*	The issetugid kernel flag is non-zero (on systems that support
/*	this concept).
/* .IP \(bu
/*	The real and effective user id differ.
/* .IP \(bu
/*	The real and effective group id differ.
/* LICENSE
/* .ad
/* .fi
/*	The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*	Wietse Venema
/*	IBM T.J. Watson Research
/*	P.O. Box 704
/*	Yorktown Heights, NY 10598, USA
/*--*/

/* System library. */

#include <sys_defs.h>
#include <unistd.h>

/* Utility library. */

#include "safe.h"

/*
 * unsafe - report whether user-provided process state (environment,
 * working directory, etc.) must be treated as untrusted.
 *
 * Returns non-zero when the process holds credentials that do not belong
 * to the invoking user, zero otherwise. Takes no arguments and only reads
 * the process credentials.
 */

int     unsafe(void)
{

    /*
     * Set-uid execution: the effective user id is not the real one.
     */
    if (geteuid() != getuid())
	return (1);

    /*
     * Ask the kernel's own taint flag where the platform has one.
     * HAS_ISSETUGID is not defined in this file; presumably sys_defs.h
     * sets it per platform - confirm.
     *
     * NOTE(review): when this branch is compiled out, only the id
     * comparisons remain, so a process that started set-uid or set-gid and
     * has since made its real and effective ids equal is reported as safe.
     * Callers that sanitize inherited state should call unsafe() before
     * any id change.
     */
#ifdef HAS_ISSETUGID
    if (issetugid())
	return (1);
#endif

    /*
     * Set-gid execution: the effective group id is not the real one.
     */
    return (getgid() != getegid());
}