external/ibm-public/postfix/dist/src/util/unsafe.c

   1 /*      $NetBSD$        */
   2
   3 /*++
   4 /* NAME
   5 /*      unsafe 3
   6 /* SUMMARY
   7 /*      are we running at non-user privileges
   8 /* SYNOPSIS
   9 /*      #include <safe.h>
  10 /*
  11 /*      int     unsafe()
  12 /* DESCRIPTION
  13 /*      The \fBunsafe()\fR routine attempts to determine if the process runs
  14 /*      with any privileges that do not belong to the user. The purpose is
  15 /*      to make it easy to taint any user-provided data such as the current
  16 /*      working directory, the process environment, etcetera.
  17 /*
  18 /*      On UNIX systems, the result is true when any of the following
  19 /*      conditions is true:
  20 /* .IP \(bu
  21 /*      The issetuid kernel flag is non-zero (on systems that support
  22 /*      this concept).
  23 /* .IP \(bu
  24 /*      The real and effective user id differ.
  25 /* .IP \(bu
  26 /*      The real and effective group id differ.
  27 /* LICENSE
  28 /* .ad
  29 /* .fi
  30 /*      The Secure Mailer license must be distributed with this software.
  31 /* AUTHOR(S)
  32 /*      Wietse Venema
  33 /*      IBM T.J. Watson Research
  34 /*      P.O. Box 704
  35 /*      Yorktown Heights, NY 10598, USA
  36 /*--*/
  37
  38 /* System library. */
  39
  40 #include <sys_defs.h>
  41 #include <unistd.h>
  42
  43 /* Utility library. */
  44
  45 #include "safe.h"
  46
  47 /* unsafe - can we trust user-provided environment, working directory, etc. */
  48
  49 int     unsafe(void)
  50 {
  51     return (geteuid() != getuid()
  52 #ifdef HAS_ISSETUGID
  53             || issetugid()
  54 #endif
  55             || getgid() != getegid());
  56 }