[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[MiNT] Pgetauid/Psetauid
Hi,
I've come across these two undocumented functions in MiNT:
/* tesche: audit user id functions, these id's never change once set to != 0
* and can therefore be used to determine who the initially logged in user was.
*/
long _cdecl
p_getauid (void)
{
return curproc->auid;
}
long _cdecl
p_setauid (int id)
{
if (curproc->auid)
return EACCES; /* this may only be changed once */
return (curproc->auid = id);
}
Am I missing something here? IMHO this is plain nonsense and cannot work.
These two functions are the only locations in the entire kernel where the
field "auid" is read or set and therefore the thing can never work as
described in Tesche's comment.
The "real" function of Pgetauid (as implemented here) is: Did any of my
ancestor processes care to call Psetauid and if so with which argument
(not necessarily the user id by the way but possibly with a negative
argument, so that all calls to Pgetauid will return an error for fun's
sake).
If it should work as described then "auid" has to be a global variable and
not a process-specific one.
Do we need such a function? Then I would change the implementation.
"auid" becomes a global variable, initialized to 0. Psetauid will always
return EPERM (because if we want it to work then we shouldn't rely on a
login program that really sets that auid). Instead, there should be a
check in fork(): If auid is still zero and the current processes effective
user id is non-zero then auid will be set to that value.
Hm, better not in fork but rather in exec if a non-superuser has
successfully spawned a new process.
Am I missing something here?
Ciao
Guido
--
http://stud.uni-sb.de/~gufl0000/
mailto:gufl0000@stud.uni-sb.de