/*++
/* NAME
/*	unsafe 3
/* SUMMARY
/*	are we running at non-user privileges
/* SYNOPSIS
/*	#include <safe.h>
/*
/*	int	unsafe()
/* DESCRIPTION
/*	The \fBunsafe()\fR routine attempts to determine if the process runs
/*	with any privileges that do not belong to the user. The purpose is
/*	to make it easy to taint any user-provided data such as the current
/*	working directory, the process environment, etcetera.
/*
/*	On UNIX systems, the result is true when any of the following
/*	conditions is true:
/* .IP \(bu
/*	The issetugid kernel flag is non-zero (on systems that support
/*	this concept).
/* .IP \(bu
/*	The real and effective user id differ.
/* .IP \(bu
/*	The real and effective group id differ.
/* LICENSE
/* .ad
/* .fi
/*	The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*	Wietse Venema
/*	IBM T.J. Watson Research
/*	P.O. Box 704
/*	Yorktown Heights, NY 10598, USA
/*--*/

/* System library. */

#include <sys_defs.h>
#include <unistd.h>

/* Utility library. */

#include "safe.h"

/* unsafe - can we trust user-provided environment, working directory, etc. */

int unsafe(void)
{

    /*
     * Returns 1 when the process holds privileges that do not belong to
     * the invoking user, 0 otherwise. A non-zero result means the caller
     * should treat user-provided context (environment, working directory,
     * and so on) as tainted.
     *
     * Only the real and effective ids are compared here. Saved ids and
     * supplementary groups are not examined by this routine, so callers
     * that depend on those need their own check.
     */
    if (geteuid() != getuid())
        return (1);

    /*
     * Where the platform provides it, also ask the kernel whether the
     * process is marked as set-uid/set-gid.
     */
#ifdef HAS_ISSETUGID
    if (issetugid())
        return (1);
#endif

    /* Last test: a real/effective group id mismatch. */
    return (getgid() != getegid());
}