r1800 - trunk/glibc

robert at linuxfromscratch.org robert at linuxfromscratch.org
Wed Apr 25 17:13:41 PDT 2007


Author: robert
Date: 2007-04-25 18:13:41 -0600 (Wed, 25 Apr 2007)
New Revision: 1800

Added:
   trunk/glibc/glibc-2.5-issetugid-1.patch
Log:
Added issetugid() patch for Glibc

Added: trunk/glibc/glibc-2.5-issetugid-1.patch
===================================================================
--- trunk/glibc/glibc-2.5-issetugid-1.patch	                        (rev 0)
+++ trunk/glibc/glibc-2.5-issetugid-1.patch	2007-04-26 00:13:41 UTC (rev 1800)
@@ -0,0 +1,243 @@
+Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
+Date: 2007-04-25
+Initial Package Version: 2.5
+Upstream Status: Not Submitted
+Origin: Alt-Linux and Me.
+Description: This adds the issetugid() library function as a frontend
+to the __libc_enable_secure() dynamic linker function. This wasn't really
+nescessary, but the patch effectively clones the OpenBSD issetugid()
+library function so it can be found and used by packages like Ncurses,
+and KDE. Adding this issetugid() wrapper keeps us from needing to patch many
+packages to use __libc_enable_secure().
+
+You will probably want to install the (modified) manual/issetugid.3
+manual page too.
+
+diff -Naur glibc-2.5.orig/manual/issetugid.3 glibc-2.5/manual/issetugid.3
+--- glibc-2.5.orig/manual/issetugid.3	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.5/manual/issetugid.3	2007-04-25 23:23:21.000000000 +0000
+@@ -0,0 +1,106 @@
++.\"	$OpenBSD: issetugid.2,v 1.18 2003/06/02 20:18:39 millert Exp $
++.\"
++.\" Copyright (c) 1980, 1991, 1993
++.\"	The Regents of the University of California.  All rights reserved.
++.\"
++.\" Redistribution and use in source and binary forms, with or without
++.\" modification, are permitted provided that the following conditions
++.\" are met:
++.\" 1. Redistributions of source code must retain the above copyright
++.\"    notice, this list of conditions and the following disclaimer.
++.\" 2. Redistributions in binary form must reproduce the above copyright
++.\"    notice, this list of conditions and the following disclaimer in the
++.\"    documentation and/or other materials provided with the distribution.
++.\" 3. Neither the name of the University nor the names of its contributors
++.\"    may be used to endorse or promote products derived from this software
++.\"    without specific prior written permission.
++.\"
++.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
++.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
++.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++.\" SUCH DAMAGE.
++.\"
++.Dd August 25, 1996
++.Dt ISSETUGID 3
++.Os
++.Sh NAME
++.Nm issetugid
++.Nd is current executable running setuid or setgid
++.Sh SYNOPSIS
++.Fd #include <unistd.h>
++.Ft int
++.Fn issetugid void
++.Sh DESCRIPTION
++The
++.Fn issetugid
++function returns 1 if the process was made setuid or setgid as
++the result of the last or other previous
++.Fn execve
++system calls.
++Otherwise it returns 0.
++.Pp
++This function exists so that library routines (inside libtermlib, libc,
++or other libraries) can guarantee safe behavior when used inside
++setuid or setgid programs. This implementation uses the
++__libc_enable_secure() function from Glibc's dynamic linker.
++Some library routines may be passed insufficient information and hence
++not know whether the current program was started setuid or setgid
++because higher level calling code may have made changes to the uid, euid,
++gid, or egid.
++Hence these low-level library routines are unable to determine if they
++are being run with elevated or normal privileges.
++.Pp
++In particular, it is wise to use this call to determine if a
++pathname returned from a
++.Fn getenv
++call may safely be used to
++.Fn open
++the specified file.
++Quite often this is not wise because the status of the effective uid
++is not known.
++.Pp
++The
++.Fn issetugid
++system call's result is unaffected by calls to
++.Fn setuid ,
++.Fn setgid ,
++or other such calls.
++In case of a
++.Fn fork ,
++the child process inherits the same status.
++.Pp
++The status of
++.Fn issetugid
++is only affected by
++.Fn execve .
++If a child process executes a new executable file, a new issetugid
++status will be determined.
++This status is based on the existing process's uid, euid, gid,
++and egid permissions and on the modes of the executable file.
++If the new executable file modes are setuid or setgid, or if
++the existing process is executing the new image with
++uid != euid or gid != egid, the new process will be considered
++issetugid.
++.Sh ERRORS
++The
++.Fn issetugid
++function is always successful, and no return value is reserved to
++indicate an error.
++.Sh SEE ALSO
++.Xr execve 2 ,
++.Xr setegid 2 ,
++.Xr seteuid 2 ,
++.Xr setgid 2 ,
++.Xr setuid 2
++.Sh HISTORY
++The
++.Fn issetugid
++function call first appeared in
++.Ox 2.0 .
+diff -Naur glibc-2.5.orig/posix/Makefile glibc-2.5/posix/Makefile
+--- glibc-2.5.orig/posix/Makefile	2006-09-07 13:50:05.000000000 +0000
++++ glibc-2.5/posix/Makefile	2007-04-25 23:23:21.000000000 +0000
+@@ -47,7 +47,7 @@
+ 	getpid getppid							      \
+ 	getuid geteuid getgid getegid getgroups setuid setgid group_member    \
+ 	getpgid setpgid getpgrp bsd-getpgrp setpgrp getsid setsid	      \
+-	getresuid getresgid setresuid setresgid				      \
++	getresuid getresgid setresuid setresgid	issetugid		      \
+ 	getlogin getlogin_r setlogin					      \
+ 	pathconf sysconf fpathconf					      \
+ 	glob glob64 fnmatch regex					      \
+diff -Naur glibc-2.5.orig/posix/Versions glibc-2.5/posix/Versions
+--- glibc-2.5.orig/posix/Versions	2004-05-03 21:25:44.000000000 +0000
++++ glibc-2.5/posix/Versions	2007-04-25 23:23:21.000000000 +0000
+@@ -38,6 +38,9 @@
+     getopt_long_only; getpgid; getpgrp; getpid; getppid; getsid; getuid; glob;
+     glob_pattern_p; globfree; group_member;
+ 
++    # i*
++    issetugid;
++
+     # n*
+     nanosleep;
+ 
+diff -Naur glibc-2.5.orig/posix/issetugid.c glibc-2.5/posix/issetugid.c
+--- glibc-2.5.orig/posix/issetugid.c	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.5/posix/issetugid.c	2007-04-25 23:23:21.000000000 +0000
+@@ -0,0 +1,61 @@
++/*
++ * Copyright (C) - 2007 Robert Connolly
++ *
++ * Permission to reproduce, copy, delete, distribute, transmit, use, modify,
++ * build upon or otherwise exploit this software, in any form, for any
++ * purpose, in any way, and by anyone, including by methods that have not
++ * yet been invented or conceived, is hereby granted.
++ */
++
++#include <unistd.h>
++
++extern int __libc_enable_secure;
++
++int issetugid(void)
++{
++	if (__libc_enable_secure)
++	 {
++	   return 1;
++	 }
++
++	if (getuid() != geteuid())
++	 {
++	   return 1;
++	 }
++
++	if (getgid() != getegid())
++	 {
++	   return 1;
++	 }
++
++	/* Else */
++	return 0;
++}
++
++#if defined(TEST)
++
++# include <stdio.h>
++
++int main(void)
++{
++        int GETUID=getuid(), GETGID=getgid();
++        int GETEUID=geteuid(), GETEGID=getegid();
++        int ISSETUGID=issetugid();
++
++        printf("Your real user ID is %d\n", GETUID);
++        printf("Your real group ID is %d\n", GETGID);
++        printf("Your effective user ID is %d\n", GETEUID);
++        printf("Your effective group ID is %d\n", GETEGID);
++
++        if (ISSETUGID == 1)
++         {
++           printf("issetugid() says this program is SUID\n");
++         }
++        else
++         {
++           printf("issetugid() says this program is not SUID\n");
++         }
++
++        return 0;
++}
++#endif /* TEST */
+diff -Naur glibc-2.5.orig/posix/unistd.h glibc-2.5/posix/unistd.h
+--- glibc-2.5.orig/posix/unistd.h	2006-08-24 06:46:27.000000000 +0000
++++ glibc-2.5/posix/unistd.h	2007-04-25 23:23:21.000000000 +0000
+@@ -648,6 +648,10 @@
+ /* Get the effective group ID of the calling process.  */
+ extern __gid_t getegid (void) __THROW;
+ 
++/* Call __libc_enable_secure() and tell us whether the process is
++   SUID or SGID */
++extern int issetugid(void);
++
+ /* If SIZE is zero, return the number of supplementary groups
+    the calling process is in.  Otherwise, fill in the group IDs
+    of its supplementary groups in LIST and return the number written.  */
+diff -Naur glibc-2.5.orig/scripts/data/localplt-i386-linux-gnu.data glibc-2.5/scripts/data/localplt-i386-linux-gnu.data
+--- glibc-2.5.orig/scripts/data/localplt-i386-linux-gnu.data	2006-01-11 21:06:19.000000000 +0000
++++ glibc-2.5/scripts/data/localplt-i386-linux-gnu.data	2007-04-25 23:23:53.000000000 +0000
+@@ -1,6 +1,10 @@
+ libc.so: _Unwind_Find_FDE
+ libc.so: calloc
+ libc.so: free
++libc.so: getegid
++libc.so: geteuid
++libc.so: getgid
++libc.so: getuid
+ libc.so: malloc
+ libc.so: memalign
+ libc.so: realloc




More information about the patches mailing list