1.\" $OpenBSD: issetugid.2,v 1.7 1997/02/18 00:16:09 deraadt Exp $ 2.\" 3.\" Copyright (c) 1980, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.Dd August 25, 1996 31.Dt ISSETUGID 2 32.Os 33.Sh NAME 34.Nm issetugid 35.Nd is current process tainted by uid or gid changes 36.Sh LIBRARY 37.Lb libc 38.Sh SYNOPSIS 39.In unistd.h 40.Ft int 41.Fn issetugid void 42.Sh DESCRIPTION 43The 44.Fn issetugid 45system call returns 1 if the process environment or memory address space 46is considered 47.Dq tainted , 48and returns 0 otherwise. 49.Pp 50A process is tainted if it was created as a result of an 51.Xr execve 2 52system call which had either of the setuid or setgid bits set (and extra 53privileges were given as a result) or if it has changed any of its real, 54effective or saved user or group ID's since it began execution. 55.Pp 56This system call exists so that library routines (eg: libc, libtermcap) 57can reliably determine if it is safe to use information 58that was obtained from the user, in particular the results from 59.Xr getenv 3 60should be viewed with suspicion if it is used to control operation. 61.Pp 62A 63.Dq tainted 64status is inherited by child processes as a result of the 65.Xr fork 2 66system call (or other library code that calls fork, such as 67.Xr popen 3 ) . 68.Pp 69It is assumed that a program that clears all privileges as it prepares 70to execute another will also reset the environment, hence the 71.Dq tainted 72status will not be passed on. 73This is important for programs such as 74.Xr su 1 75which begin setuid but need to be able to create an untainted process. 76.Sh ERRORS 77The 78.Fn issetugid 79system call is always successful, and no return value is reserved to 80indicate an error. 81.Sh SEE ALSO 82.Xr execve 2 , 83.Xr fork 2 , 84.Xr setegid 2 , 85.Xr seteuid 2 , 86.Xr setgid 2 , 87.Xr setregid 2 , 88.Xr setreuid 2 , 89.Xr setuid 2 90.Sh HISTORY 91The 92.Fn issetugid 93system call first appeared in 94.Ox 2.0 95and was also implemented in 96.Fx 3.0 . 97