1/*++ 2/* NAME 3/* set_eugid 3 4/* SUMMARY 5/* set effective user and group attributes 6/* SYNOPSIS 7/* #include <set_eugid.h> 8/* 9/* void set_eugid(euid, egid) 10/* uid_t euid; 11/* gid_t egid; 12/* 13/* void SAVE_AND_SET_EUGID(uid, gid) 14/* uid_t uid; 15/* gid_t gid; 16/* 17/* void RESTORE_SAVED_EUGID() 18/* DESCRIPTION 19/* set_eugid() sets the effective user and group process attributes 20/* and updates the process group access list to be just the specified 21/* effective group id. 22/* 23/* SAVE_AND_SET_EUGID() opens a block that executes with the 24/* specified privilege. RESTORE_SAVED_EUGID() closes the block. 25/* DIAGNOSTICS 26/* All system call errors are fatal. 27/* SEE ALSO 28/* seteuid(2), setegid(2), setgroups(2) 29/* LICENSE 30/* .ad 31/* .fi 32/* The Secure Mailer license must be distributed with this software. 33/* AUTHOR(S) 34/* Wietse Venema 35/* IBM T.J. Watson Research 36/* P.O. Box 704 37/* Yorktown Heights, NY 10598, USA 38/*--*/ 39 40/* System library. */ 41 42#include <sys_defs.h> 43#include <unistd.h> 44#include <grp.h> 45#include <errno.h> 46 47/* Utility library. */ 48 49#include "msg.h" 50#include "set_eugid.h" 51 52/* set_eugid - set effective user and group attributes */ 53 54void set_eugid(uid_t euid, gid_t egid) 55{ 56 int saved_errno = errno; 57 58 if (geteuid() != 0) 59 if (seteuid(0)) 60 msg_fatal("set_eugid: seteuid(0): %m"); 61 if (setegid(egid) < 0) 62 msg_fatal("set_eugid: setegid(%ld): %m", (long) egid); 63 if (setgroups(1, &egid) < 0) 64 msg_fatal("set_eugid: setgroups(%ld): %m", (long) egid); 65 if (euid != 0 && seteuid(euid) < 0) 66 msg_fatal("set_eugid: seteuid(%ld): %m", (long) euid); 67 if (msg_verbose) 68 msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid); 69 errno = saved_errno; 70} 71