Xref: utzoo comp.unix.wizards:7161 comp.bugs.sys5:382
Path: utzoo!mnetor!uunet!lll-winken!lll-tis!ames!hao!oddjob!matt
From: matt@oddjob.UChicago.EDU (Schizophrenic Solipsist)
Newsgroups: comp.unix.wizards,comp.bugs.sys5
Subject: Re: Guide to writing secure setuid programs?
Message-ID: <14521@oddjob.UChicago.EDU>
Date: 17 Mar 88 23:54:08 GMT
References: <181@wsccs.UUCP> <722@rivm05.UUCP> <1037@woton.UUCP> <239@piring.cwi.nl> <127@heart-of-gold>
Organization: Very Little
Lines: 23

jc@heart-of-gold (John M Chambers x7780 1E342) asks:

)   If there were a way to test at run time whether the program (well,
) actually the process, but you know what I mean) is setuid:
) 
) 	if (setuid(getpid())) {
) 		<<Don't do a bunch of stuff>>
) 	} else {
) 		<<Go ahead and do them>>
) 	}
) 
) Can anyone show me the source for setuid()?  I suspect that you can't,
) but I'd like someone to explain how stupid I'm being and how easy it is.

int
i_am_setuid()
{
	return getuid() != geteuid();
}

/* I *think* it is done in SysV as it is in BSD.  Amen. */
________________________________________________________
Matt	     University		matt@oddjob.uchicago.edu
Crawford     of Chicago     {astrovax,ihnp4}!oddjob!matt