Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / external / ibm-public / postfix / dist / src / util / unsafe.c
blob24944cd244fb7809861cb8495593a39fe58ca9e9
1 /* $NetBSD$ */
3 /*++
4 /* NAME
5 /* unsafe 3
6 /* SUMMARY
7 /* are we running at non-user privileges
8 /* SYNOPSIS
9 /* #include <safe.h>
11 /* int unsafe()
12 /* DESCRIPTION
13 /* The \fBunsafe()\fR routine attempts to determine if the process runs
14 /* with any privileges that do not belong to the user. The purpose is
15 /* to make it easy to taint any user-provided data such as the current
16 /* working directory, the process environment, etcetera.
18 /* On UNIX systems, the result is true when any of the following
19 /* conditions is true:
20 /* .IP \(bu
21 /* The issetuid kernel flag is non-zero (on systems that support
22 /* this concept).
23 /* .IP \(bu
24 /* The real and effective user id differ.
25 /* .IP \(bu
26 /* The real and effective group id differ.
27 /* LICENSE
28 /* .ad
29 /* .fi
30 /* The Secure Mailer license must be distributed with this software.
31 /* AUTHOR(S)
32 /* Wietse Venema
33 /* IBM T.J. Watson Research
34 /* P.O. Box 704
35 /* Yorktown Heights, NY 10598, USA
36 /*--*/
38 /* System library. */
40 #include <sys_defs.h>
41 #include <unistd.h>
43 /* Utility library. */
45 #include "safe.h"
47 /* unsafe - can we trust user-provided environment, working directory, etc. */
49 int unsafe(void)
51 return (geteuid() != getuid()
52 #ifdef HAS_ISSETUGID
53 || issetugid()
54 #endif
55 || getgid() != getegid());