Austin Group Defect Tracker

Aardvark Mark IV

Main | My View | View Issues | Change Log | Docs
  

Viewing Issue Simple Details Jump to Notes ] Issue History ] Print ]
ID Category Severity Type Date Submitted Last Update
0001344 [1003.1(2016/18)/Issue7+TC2] System Interfaces Editorial Enhancement Request 2020-05-20 10:34 2022-11-24 10:07
Reporter mkerrisk View Status public  
Assigned To ajosey
Priority normal Resolution Accepted As Marked  
Status Applied  
Name Michael Kerrisk
Organization man7.org
User Reference
Section XSH
Page Number n/a
Line Number n/a
Interp Status ---
Final Accepted Text Note: 0006078
Summary 0001344: Addition of setresuid()/setresgid()/getresuid()/getresgid()
Description setresuid()/setresgid()/getresuid()/getresgid() are implemented on a number systems including at least Linux, FreeBSD, OpenBSD, and HP-UX. (Notably, they are not present on Solaris, so far as I know.)

Adding these interfaces to POSIX would be valuable for a number of reasons:

* The semantics of the existing APIs for modifying credentials are
problematic. The semantics of setuid()/setgid() depend on whether the
process is privileged, so that the API either changes just the
effective ID, or all of real/effective and saved set IDs. The only
POSIX-specified way to change saved set IDs is to use
setreuid()/setregid(). But those APIs depend on a bizarre rule to
determine whether or not the saved set ID is modified. These sorts of
funny behaviors are invitations for programmers to make mistakes, and
in this case such mistakes have obvious security implications.

* By contrast with the former point, the semantics of the changes made
by setresuid() and setresgid() are simple and transparent: one
argument per credential, with "-1" being used to signify "no change".
No semantics that vary according to whether the process is privileged
and no funny rules.

* getresuid()/getresgid() provide the only means of explicitly
retrieving the save set-UID/GID.
Desired Action 1. Add specifications of setresuid()/setresgid()/getresuid()/getresgid()
2. Add SEE ALSO entries in relevant other pages (getuid(), geteuid(), setuid(), setreuid(), getgid(), getegid(), setgid(), setregid(), <unistd.h>)
3. Add prototypes to <unistd.h>
4. Add to "XSI_USER_GROUPS" in "E.1 Subprofiling Option Groups"(?)

I will attempt 1; presumably 2, 3, 4 can be written up as boilerplate editing directions (which I can attempt, but may need some assistance).
Tags issue8
Attached Files

- Relationships
related to 0001666Applied Issue 8 drafts getresgid() and getresuid() are missing "restrict" 
related to 0001667Applied Issue 8 drafts [gs]etres[gu]id() should be async-signal-safe 

-  Notes
(0004879)
mkerrisk (reporter)
2020-05-21 13:09

 On page 448 (<unistd.h> Declarations), after line 15419, insert

int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);


On page 448 (<unistd.h> Declarations), after line 15443, insert

int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
int setresuid(uid_t ruid, uid_t euid, uid_t suid);


On page 451 (<unistd.h> SEE ALSO) at lines 15579-15581, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1028 (getegid() SEE ALSO) at line 35033, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1032 (geteuid() SEE ALSO) at line 35171, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1033 (getgid() SEE ALSO) at line 35210, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1104 (getuid() SEE ALSO) at line 37410, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1890 (setegid() SEE ALSO) at line 61214, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1893 (seteuid() SEE ALSO) at line 61308, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1894 (setgid() SEE ALSO) at line 61345, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1917 (setregid() SEE ALSO) at line 61847, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1919 (setreuid() SEE ALSO) at line 61908, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()

On page 1929 (setuid() SEE ALSO) at line 62155, insert the following
entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()


(Depending on whether these APIs should be part of XSI_USER_GROUPS)
On page 3794 (Subprofiling Option Groups) at lines 130234-130234,
insert the following entries into the list in sorted order:

getresgid(), getresuid(), setresgid(), setresuid()


At page 1086, insert the specifications for getresuid() and getresgid():

NAME

getresgid - get real group ID, effective group ID, and saved set-group-ID

SYNOPSIS
#include <unistd.h>

int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);

DESCRIPTION

The getresgid() function shall return the calling process's real
group ID, effective group ID, and saved set-group-ID, storing them
in the locations pointed to by, respectively, the arguments rgid,
egid, and sgid.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1
shall be returned and errno set to indicate the error.

ERRORS

No errors are defined.

SEE ALSO

getegid(), geteuid(), getgid(), getresuid(), getuid(), setegid(),
setgid(), seteuid(), setregid(), setresgid(), setresuid(),
setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>


NAME

getresuid - get real user ID, effective user ID, and saved set-user-ID

SYNOPSIS
#include <unistd.h>

int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

DESCRIPTION

The getresuid() function shall return the calling process's real
user ID, effective user ID, and saved set-user-ID, storing them in
the locations pointed to by, respectively, the arguments ruid,
euid, and suid.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1
shall be returned and errno set to indicate the error.

ERRORS

No errors are defined.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getuid(), setegid(),
setgid(), seteuid(), setregid(), setresgid(), setresuid(),
setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>



At page 1918, insert the specifications for setresuid() and setresgid():

NAME

setresgid - set real group ID, effective group ID, and saved set-group-ID

SYNOPSIS
#include <unistd.h>

int setresgid(gid_t rgid, gid_t egid, gid_t sgid);

DESCRIPTION

The setresgid() function shall change the calling process's real
group ID, effective group ID, and saved set-group-ID, respectively,
to the values specified by rgid, egid, and sgid.

If one of the arguments is -1, the corresponding group ID shall
not be changed.

Only a process with appropriate privileges can set the real group
ID, effective group ID, and saved set-group-ID to any valid value.


A non-privileged process may set its real group ID, effective
group ID, and saved set-group-ID, each to one of the values that
it currently holds in its real group ID, effective group ID, or
saved set-group-ID.

The real group ID, effective group ID, and saved set-group-ID may
be set to different values in the same call.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1
shall be returned and errno set to indicate the error, and none of
the group IDs shall be changed.

ERRORS

The setresgid() function shall fail if:

[EINVAL]

The value of the rgid, egid, or sgid argument is invalid or out-of-range.

[EPERM]

The calling process does not have appropriate privileges,
and an attempt was made to change the real group ID,
effective group ID, or saved set-group-ID to a value that
is not currently present in one of those IDs.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getresuid(),
getuid(), setegid(), seteuid(), setgid(), setregid(), setresuid(),
setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>

NAME

setresuid - set real user ID, effective user ID, and saved set-user-ID

SYNOPSIS
#include <unistd.h>

int setresuid(uid_t ruid, uid_t euid, uid_t suid);

DESCRIPTION

The setresuid() function shall change the calling process's real
user ID, effective user ID, and saved set-user-ID, respectively,
to the values specified by ruid, euid, and suid.

If one of the arguments is -1, the corresponding user ID shall not
be changed.

Only a process with appropriate privileges can set the real user
ID, effective user ID, and saved set-user-ID to any valid value.

A non-privileged process may set its real user ID, effective user
ID, and saved set-user-ID, each to one of the values that it
currently holds in its real user ID, effective user ID, or saved
set-user-ID.

The real user ID, effective user ID, and saved set-user-ID may be
set to different values in the same call.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1
shall be returned and errno set to indicate the error, and none of
the user IDs shall be changed.

ERRORS

The setresuid() function shall fail if:

[EINVAL]

The value of the ruid, euid, or suid argument is invalid or out-of-range.

[EPERM]

The calling process does not have appropriate privileges,
and an attempt was made to change the real user ID,
effective user ID, or saved set-user-ID to a value that is
not currently present in one of those IDs.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getresuid(),
getuid(), setegid(), seteuid(), setgid(), setregid(), setresgid(),
setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>
(0005699)
geoffclare (manager)
2022-02-22 10:15
edited on: 2022-02-24 16:16

 This is an updated version of Note: 0004879 with XSI shading added, parameter names removed from header prototypes, and some minor wording and formatting changes.

On page 448 (<unistd.h> Declarations), after line 15419, insert with XSI shading:
int getresgid(gid_t *, gid_t *, gid_t *);
int getresuid(uid_t *, uid_t *, uid_t *);

On page 448 (<unistd.h> Declarations), after line 15443, insert with XSI shading:
int setresgid(gid_t, gid_t, gid_t);
int setresuid(uid_t, uid_t, uid_t);

On page 451 (<unistd.h> SEE ALSO) at lines 15579-15581, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1028 (getegid() SEE ALSO) at line 35033, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1032 (geteuid() SEE ALSO) at line 35171, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1033 (getgid() SEE ALSO) at line 35210, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1104 (getuid() SEE ALSO) at line 37410, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1890 (setegid() SEE ALSO) at line 61214, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1893 (seteuid() SEE ALSO) at line 61308, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1894 (setgid() SEE ALSO) at line 61345, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1917 (setregid() SEE ALSO) at line 61847, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1919 (setreuid() SEE ALSO) at line 61908, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 1929 (setuid() SEE ALSO) at line 62155, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

On page 3794 (Subprofiling Option Groups) at lines 130234-130234, insert the following entries into the list in sorted order:
getresgid(), getresuid(), setresgid(), setresuid()

At page 1086, insert the specifications for getresuid() and getresgid():

NAME

getresgid - get real group ID, effective group ID, and saved set-group-ID

SYNOPSIS
[XSI]#include <unistd.h>

int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);[/XSI]

DESCRIPTION

The getresgid() function shall store the real group ID, effective group ID, and saved set-group-ID of the calling process in the locations pointed to by the arguments rgid, egid, and sgid, respectively.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error.

ERRORS

No errors are defined.

SEE ALSO

getegid(), geteuid(), getgid(), getresuid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>


NAME

getresuid - get real user ID, effective user ID, and saved set-user-ID

SYNOPSIS
[XSI]#include <unistd.h>

int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);[/XSI]

DESCRIPTION

The getresuid() function shall store the real user ID, effective user ID, and saved set-user-ID of the calling process in the locations pointed to by the arguments ruid, euid, and suid, respectively.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error.

ERRORS

No errors are defined.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getuid(), setegid(), setgid(), seteuid(), setregid(), setresgid(), setresuid(), setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>



At page 1918, insert the specifications for setresuid() and setresgid():

NAME

setresgid - set real group ID, effective group ID, and saved set-group-ID

SYNOPSIS
[XSI]#include <unistd.h>

int setresgid(gid_t rgid, gid_t egid, gid_t sgid);[/XSI]

DESCRIPTION

The setresgid() function shall change the real group ID, effective group ID, and saved set-group-ID of the calling process to the values specified by rgid, egid, and sgid, respectively.

If an argument is -1, the corresponding ID shall not be changed.

Only a process with appropriate privileges can set the real group ID, effective group ID, and saved set-group-ID to any valid value.

A non-privileged process can set its real group ID, effective group ID, and saved set-group-ID, each to one of the values that it currently holds in its real group ID, effective group ID, or saved set-group-ID.

The real group ID, effective group ID, and saved set-group-ID can be set to different values in the same call.

Any supplementary group IDs of the calling process shall remain unchanged.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the IDs shall be changed.

ERRORS

The setresgid() function shall fail if:

[EINVAL]
The value of the rgid, egid, or sgid argument is invalid or out-of-range.

[EPERM]
The calling process does not have appropriate privileges and an attempt was made to change the real group ID, effective group ID, or saved set-group-ID to a value that is not currently present in one of those IDs.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresuid(), setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>

NAME

setresuid - set real user ID, effective user ID, and saved set-user-ID

SYNOPSIS
[XSI]#include <unistd.h>

int setresuid(uid_t ruid, uid_t euid, uid_t suid);[/XSI]

DESCRIPTION

The setresuid() function shall change the real user ID, effective user ID, and saved set-user-ID of the calling process to the values specified by ruid, euid, and suid, respectively.

If an argument is -1, the corresponding ID shall not be changed.

Only a process with appropriate privileges can set the real user ID, effective user ID, and saved set-user-ID to any valid value.

A non-privileged process can set its real user ID, effective user ID, and saved set-user-ID, each to one of the values that it currently holds in its real user ID, effective user ID, or saved set-user-ID.

The real user ID, effective user ID, and saved set-user-ID can be set to different values in the same call.

RETURN VALUE

Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error, and none of the IDs shall be changed.

ERRORS

The setresuid() function shall fail if:

[EINVAL]
The value of the ruid, euid, or suid argument is invalid or out-of-range.

[EPERM]
The calling process does not have appropriate privileges and either an attempt was made to change the real user ID, effective user ID, or saved set-user-ID to a value that is not currently present in one of those IDs or an attempt was made to change the real user ID to a value not permitted by the implementation.

SEE ALSO

getegid(), geteuid(), getgid(), getresgid(), getresuid(), getuid(), setegid(), seteuid(), setgid(), setregid(), setresgid(), setreuid(), setuid()

XBD <sys/types.h>, <unistd.h>
(0005922)
geoffclare (manager)
2022-07-29 14:24

 The getresgid(), getresuid(), setresgid(), and setresuid() additions have been made in the Issue8NewAPIs branch in gitlab, based on Note: 0005699
(0006078)
geoffclare (manager)
2022-11-21 16:10

 Make the changes from "Additional APIs for Issue 8, Part 2" (Austin/1273).

- Issue History
Date Modified Username Field Change
2020-05-20 10:34 mkerrisk New Issue
2020-05-20 10:34 mkerrisk Status New => Under Review
2020-05-20 10:34 mkerrisk Assigned To => ajosey
2020-05-20 10:34 mkerrisk Name => Michael Kerrisk
2020-05-20 10:34 mkerrisk Organization => man7.org
2020-05-20 10:34 mkerrisk Section => XSH
2020-05-20 10:34 mkerrisk Page Number => n/a
2020-05-20 10:34 mkerrisk Line Number => n/a
2020-05-21 12:51 mkerrisk Note Added: 0004875
2020-05-21 12:57 mkerrisk Note Added: 0004876
2020-05-21 12:58 mkerrisk Note Deleted: 0004875
2020-05-21 12:59 mkerrisk Note Deleted: 0004876
2020-05-21 12:59 mkerrisk Note Added: 0004877
2020-05-21 12:59 mkerrisk Note Deleted: 0004877
2020-05-21 13:02 mkerrisk Note Added: 0004878
2020-05-21 13:08 mkerrisk Note Deleted: 0004878
2020-05-21 13:09 mkerrisk Note Added: 0004879
2022-02-22 09:41 geoffclare Project 1003.1(2008)/Issue 7 => 1003.1(2016/18)/Issue7+TC2
2022-02-22 10:15 geoffclare Note Added: 0005699
2022-02-22 10:19 geoffclare Note Edited: 0005699
2022-02-24 16:14 geoffclare Note Edited: 0005699
2022-02-24 16:16 geoffclare Note Edited: 0005699
2022-07-29 14:24 geoffclare Note Added: 0005922
2022-11-21 16:10 geoffclare Note Added: 0006078
2022-11-21 16:11 geoffclare Interp Status => ---
2022-11-21 16:11 geoffclare Final Accepted Text => Note: 0006078
2022-11-21 16:11 geoffclare Status Under Review => Resolved
2022-11-21 16:11 geoffclare Resolution Open => Accepted As Marked
2022-11-21 16:12 geoffclare Tag Attached: issue8
2022-11-24 10:07 geoffclare Status Resolved => Applied
2023-04-13 09:50 geoffclare Relationship added related to 0001666
2023-04-13 09:55 geoffclare Relationship added related to 0001667

Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker