0001344: Addition of setresuid()/setresgid()/getresuid()/getresgid()

ID	Project	Category	View Status	Date Submitted	Last Update

0001344	1003.1(2016/18)/Issue7+TC2	System Interfaces	public	2020-05-20 10:34	2024-06-11 09:08

Reporter	mkerrisk	Assigned To	ajosey
Priority	normal	Severity	Editorial	Type	Enhancement Request
Status	Closed	Resolution	Accepted As Marked

Name	Michael Kerrisk
Organization	man7.org
User Reference
Section	XSH
Page Number	n/a
Line Number	n/a
Interp Status	---
Final Accepted Text	0001344:0006078


Summary	0001344: Addition of setresuid()/setresgid()/getresuid()/getresgid()
Description	setresuid()/setresgid()/getresuid()/getresgid() are implemented on a number systems including at least Linux, FreeBSD, OpenBSD, and HP-UX. (Notably, they are not present on Solaris, so far as I know.) Adding these interfaces to POSIX would be valuable for a number of reasons: * The semantics of the existing APIs for modifying credentials are problematic. The semantics of setuid()/setgid() depend on whether the process is privileged, so that the API either changes just the effective ID, or all of real/effective and saved set IDs. The only POSIX-specified way to change saved set IDs is to use setreuid()/setregid(). But those APIs depend on a bizarre rule to determine whether or not the saved set ID is modified. These sorts of funny behaviors are invitations for programmers to make mistakes, and in this case such mistakes have obvious security implications. * By contrast with the former point, the semantics of the changes made by setresuid() and setresgid() are simple and transparent: one argument per credential, with "-1" being used to signify "no change". No semantics that vary according to whether the process is privileged and no funny rules. * getresuid()/getresgid() provide the only means of explicitly retrieving the save set-UID/GID.
Desired Action	1. Add specifications of setresuid()/setresgid()/getresuid()/getresgid() 2. Add SEE ALSO entries in relevant other pages (getuid(), geteuid(), setuid(), setreuid(), getgid(), getegid(), setgid(), setregid(), <unistd.h>) 3. Add prototypes to <unistd.h> 4. Add to "XSI_USER_GROUPS" in "E.1 Subprofiling Option Groups"(?) I will attempt 1; presumably 2, 3, 4 can be written up as boilerplate editing directions (which I can attempt, but may need some assistance).
Tags	issue8

mkerrisk 2020-05-21 13:09 reporter bugnote:0004879	On page 448 (<unistd.h> Declarations), after line 15419, insert int getresgid(gid_t rgid, gid_t egid, gid_t sgid); int getresuid(uid_t ruid, uid_t euid, uid_t suid); On page 448 (<unistd.h> Declarations), after line 15443, insert int setresgid(gid_t rgid, gid_t egid, gid_t sgid); int setresuid(uid_t ruid, uid_t euid, uid_t suid); On page 451 (<unistd.h> SEE ALSO) at lines 15579-15581, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1028 (getegid() SEE ALSO) at line 35033, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1032 (geteuid() SEE ALSO) at line 35171, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1033 (getgid() SEE ALSO) at line 35210, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1104 (getuid() SEE ALSO) at line 37410, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1890 (setegid() SEE ALSO) at line 61214, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1893 (seteuid() SEE ALSO) at line 61308, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1894 (setgid() SEE ALSO) at line 61345, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1917 (setregid() SEE ALSO) at line 61847, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1919 (setreuid() SEE ALSO) at line 61908, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1929 (setuid() SEE ALSO) at line 62155, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() (Depending on whether these APIs should be part of XSI_USER_GROUPS) On page 3794 (Subprofiling Option Groups) at lines 130234-130234, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() At page 1086, insert the specifications for getresuid() and getresgid(): NAME getresgid - get real group ID, effective group ID, and saved set-group-ID SYNOPSIS #include <unistd.h> int getresgid(gid_t rgid, gid_t egid, gid_t sgid); DESCRIPTION* The getresgid() function shall return the calling process's real group ID, effective group ID, and saved set-group-ID, storing them in the locations pointed to by, respectively, the arguments rgid, egid, and sgid. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error. ERRORS No errors are defined. SEE ALSO getegid(), geteuid(), getgid(), getresuid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> NAME getresuid - get real user ID, effective user ID, and saved set-user-ID SYNOPSIS #include <unistd.h> int getresuid(uid_t ruid, uid_t euid, uid_t suid); DESCRIPTION* The getresuid() function shall return the calling process's real user ID, effective user ID, and saved set-user-ID, storing them in the locations pointed to by, respectively, the arguments ruid, euid, and suid. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error. ERRORS No errors are defined. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> At page 1918, insert the specifications for setresuid() and setresgid(): NAME setresgid - set real group ID, effective group ID, and saved set-group-ID SYNOPSIS #include <unistd.h> int setresgid(gid_t rgid, gid_t egid, gid_t sgid); DESCRIPTION The setresgid() function shall change the calling process's real group ID, effective group ID, and saved set-group-ID, respectively, to the values specified by rgid, egid, and sgid. If one of the arguments is -1, the corresponding group ID shall not be changed. Only a process with appropriate privileges can set the real group ID, effective group ID, and saved set-group-ID to any valid value. A non-privileged process may set its real group ID, effective group ID, and saved set-group-ID, each to one of the values that it currently holds in its real group ID, effective group ID, or saved set-group-ID. The real group ID, effective group ID, and saved set-group-ID may be set to different values in the same call. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the group IDs shall be changed. ERRORS The setresgid() function shall fail if: [EINVAL] The value of the rgid, egid, or sgid argument is invalid or out-of-range. [EPERM] The calling process does not have appropriate privileges, and an attempt was made to change the real group ID, effective group ID, or saved set-group-ID to a value that is not currently present in one of those IDs. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> NAME setresuid - set real user ID, effective user ID, and saved set-user-ID SYNOPSIS #include <unistd.h> int setresuid(uid_t ruid, uid_t euid, uid_t suid); DESCRIPTION The setresuid() function shall change the calling process's real user ID, effective user ID, and saved set-user-ID, respectively, to the values specified by ruid, euid, and suid. If one of the arguments is -1, the corresponding user ID shall not be changed. Only a process with appropriate privileges can set the real user ID, effective user ID, and saved set-user-ID to any valid value. A non-privileged process may set its real user ID, effective user ID, and saved set-user-ID, each to one of the values that it currently holds in its real user ID, effective user ID, or saved set-user-ID. The real user ID, effective user ID, and saved set-user-ID may be set to different values in the same call. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the user IDs shall be changed. ERRORS The setresuid() function shall fail if: [EINVAL] The value of the ruid, euid, or suid argument is invalid or out-of-range. [EPERM] The calling process does not have appropriate privileges, and an attempt was made to change the real user ID, effective user ID, or saved set-user-ID to a value that is not currently present in one of those IDs. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresgid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h>

geoffclare 2022-02-22 10:15 manager bugnote:0005699 Last edited: 2022-02-24 16:16	This is an updated version of 0001344:0004879 with XSI shading added, parameter names removed from header prototypes, and some minor wording and formatting changes. On page 448 (<unistd.h> Declarations), after line 15419, insert with XSI shading: int getresgid(gid_t , gid_t , gid_t ); int getresuid(uid_t , uid_t , uid_t ); On page 448 (<unistd.h> Declarations), after line 15443, insert with XSI shading: int setresgid(gid_t, gid_t, gid_t); int setresuid(uid_t, uid_t, uid_t); On page 451 (<unistd.h> SEE ALSO) at lines 15579-15581, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1028 (getegid() SEE ALSO) at line 35033, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1032 (geteuid() SEE ALSO) at line 35171, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1033 (getgid() SEE ALSO) at line 35210, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1104 (getuid() SEE ALSO) at line 37410, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1890 (setegid() SEE ALSO) at line 61214, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1893 (seteuid() SEE ALSO) at line 61308, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1894 (setgid() SEE ALSO) at line 61345, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1917 (setregid() SEE ALSO) at line 61847, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1919 (setreuid() SEE ALSO) at line 61908, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 1929 (setuid() SEE ALSO) at line 62155, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() On page 3794 (Subprofiling Option Groups) at lines 130234-130234, insert the following entries into the list in sorted order: getresgid(), getresuid(), setresgid(), setresuid() At page 1086, insert the specifications for getresuid() and getresgid(): NAME getresgid - get real group ID, effective group ID, and saved set-group-ID SYNOPSIS [XSI]#include <unistd.h> int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);[/XSI] DESCRIPTION The getresgid() function shall store the real group ID, effective group ID, and saved set-group-ID of the calling process in the locations pointed to by the arguments rgid, egid, and sgid, respectively. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error. ERRORS No errors are defined. SEE ALSO getegid(), geteuid(), getgid(), getresuid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> NAME getresuid - get real user ID, effective user ID, and saved set-user-ID SYNOPSIS [XSI]#include <unistd.h> int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);[/XSI] DESCRIPTION The getresuid() function shall store the real user ID, effective user ID, and saved set-user-ID of the calling process in the locations pointed to by the arguments ruid, euid, and suid, respectively. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error. ERRORS No errors are defined. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> At page 1918, insert the specifications for setresuid() and setresgid(): NAME setresgid - set real group ID, effective group ID, and saved set-group-ID SYNOPSIS [XSI]#include <unistd.h> int setresgid(gid_t rgid, gid_t egid, gid_t sgid);[/XSI] DESCRIPTION The setresgid() function shall change the real group ID, effective group ID, and saved set-group-ID of the calling process to the values specified by rgid, egid, and sgid, respectively. If an argument is -1, the corresponding ID shall not be changed. Only a process with appropriate privileges can set the real group ID, effective group ID, and saved set-group-ID to any valid value. A non-privileged process can set its real group ID, effective group ID, and saved set-group-ID, each to one of the values that it currently holds in its real group ID, effective group ID, or saved set-group-ID. The real group ID, effective group ID, and saved set-group-ID can be set to different values in the same call. Any supplementary group IDs of the calling process shall remain unchanged. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the IDs shall be changed. ERRORS The setresgid() function shall fail if: [EINVAL] The value of the rgid, egid, or sgid argument is invalid or out-of-range. [EPERM] The calling process does not have appropriate privileges and an attempt was made to change the real group ID, effective group ID, or saved set-group-ID to a value that is not currently present in one of those IDs. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresuid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h> NAME setresuid - set real user ID, effective user ID, and saved set-user-ID SYNOPSIS [XSI]#include <unistd.h> int setresuid(uid_t ruid, uid_t euid, uid_t suid);[/XSI] DESCRIPTION The setresuid() function shall change the real user ID, effective user ID, and saved set-user-ID of the calling process to the values specified by ruid, euid, and suid, respectively. If an argument is -1, the corresponding ID shall not be changed. Only a process with appropriate privileges can set the real user ID, effective user ID, and saved set-user-ID to any valid value. A non-privileged process can set its real user ID, effective user ID, and saved set-user-ID, each to one of the values that it currently holds in its real user ID, effective user ID, or saved set-user-ID. The real user ID, effective user ID, and saved set-user-ID can be set to different values in the same call. RETURN VALUE Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the IDs shall be changed. ERRORS The setresuid() function shall fail if: [EINVAL] The value of the ruid, euid, or suid argument is invalid or out-of-range. [EPERM] The calling process does not have appropriate privileges and either an attempt was made to change the real user ID, effective user ID, or saved set-user-ID to a value that is not currently present in one of those IDs or an attempt was made to change the real user ID to a value not permitted by the implementation. SEE ALSO getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresgid(), setreuid(), setuid() XBD <sys/types.h>, <unistd.h>

geoffclare 2022-07-29 14:24 manager bugnote:0005922	The getresgid(), getresuid(), setresgid(), and setresuid() additions have been made in the Issue8NewAPIs branch in gitlab, based on 0001344:0005699

geoffclare 2022-11-21 16:10 manager bugnote:0006078	Make the changes from "Additional APIs for Issue 8, Part 2" (Austin/1273).

Date Modified	Username	Field	Change
2020-05-20 10:34	mkerrisk	New Issue
2020-05-20 10:34	mkerrisk	Status	New => Under Review
2020-05-20 10:34	mkerrisk	Assigned To	=> ajosey
2020-05-20 10:34	mkerrisk	Name	=> Michael Kerrisk
2020-05-20 10:34	mkerrisk	Organization	=> man7.org
2020-05-20 10:34	mkerrisk	Section	=> XSH
2020-05-20 10:34	mkerrisk	Page Number	=> n/a
2020-05-20 10:34	mkerrisk	Line Number	=> n/a
2020-05-21 13:09	mkerrisk	Note Added: 0004879
2022-02-22 09:41	geoffclare	Project	1003.1(2008)/Issue 7 => 1003.1(2016/18)/Issue7+TC2
2022-02-22 10:15	geoffclare	Note Added: 0005699
2022-02-22 10:19	geoffclare	Note Edited: 0005699
2022-02-24 16:14	geoffclare	Note Edited: 0005699
2022-02-24 16:16	geoffclare	Note Edited: 0005699
2022-07-29 14:24	geoffclare	Note Added: 0005922
2022-11-21 16:10	geoffclare	Note Added: 0006078
2022-11-21 16:11	geoffclare	Interp Status	=> ---
2022-11-21 16:11	geoffclare	Final Accepted Text	=> 0001344:0006078
2022-11-21 16:11	geoffclare	Status	Under Review => Resolved
2022-11-21 16:11	geoffclare	Resolution	Open => Accepted As Marked
2022-11-21 16:12	geoffclare	Tag Attached: issue8
2022-11-24 10:07	geoffclare	Status	Resolved => Applied
2023-04-13 09:50	geoffclare	Relationship added	related to 0001666
2023-04-13 09:55	geoffclare	Relationship added	related to 0001667
2024-06-11 09:08	agadmin	Status	Applied => Closed

View Issue Details

Relationships

Activities

Issue History

related to	0001666	Closed		Issue 8 drafts	getresgid() and getresuid() are missing "restrict"
related to	0001667	Closed		Issue 8 drafts	[gs]etres[gu]id() should be async-signal-safe