Solved

getting uid & euid of a process

Posted on 1998-10-10
7
930 Views
Last Modified: 2008-02-26
How is it possible to get the real & effective user id of
a given process?

The idea is to call something like geteuid(), from inside a
c program, to get the effective user id of ANOTHER process
(let's say the father).
0
Comment
Question by:mliberi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007386
man proc
pcred()
0
 
LVL 3

Author Comment

by:mliberi
ID: 2007387
thank you for your reply, but I can't accept it because it didn't help me resolving the problem.

I didn't find any reference to pcred() function in the system documentation, AIX 4.1.5

About 'man proc' the system simply replied:
proc Command for the Kernel Debug Program

to be clearer I would like the code for such a function

int getpeuid(int pid)
/* get the effective user id for process pid */
{
  /* place the code here */
  /* possibly without forking */
  /* must compile and run in *any* unix compliant O.S */
}
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007388
Oops, thought that proc() is standard UNIX.
Anyway, check if AIX supports /proc, if so you can check with:

   ls -l /proc/<pid>/

Use a pid of the current user, then you may also do:

   cat /proc/<pid>/status

Another posibility:  man -k pstat
(sorry don't have AIX handy)

> /* must compile and run in *any* unix compliant O.S */
AFAIK, you have to manage this with OS-dependent #defines.
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 1

Accepted Solution

by:
ksb earned 100 total points
ID: 2007389
You can't.  It can change (setreuid(), setuid()) and you must be root to read kmem on older vmunix's (that do not have /proc).

You can get a guess on systems that support /proc, but it could change in the next instruction.  What are you really trying to do?

If you want a process to prove it is running as a User you _can_ do that with 100% portable code -- but it'll cost you points.

0
 
LVL 3

Author Comment

by:mliberi
ID: 2007390
Ok. It doesn't seem to be an easy task.
Let's try do put the question in other terms:

the program I'm writing runs with S_ISUID bit set with superuser authority, do some work as superuser and then forks. I want the child process to run with normal user authority, so, before it 'exec', it has to restore the previous effective user id. The problem is how to get such an information!

example:
process A, uid=x euid=y,   exec my program that is owned by root    and has S_ISUID bit set, so process B has been generated. I have no control on process A code, it could be *any* program.

process B, uid=x euid=0, do some work as superuser, and before
exec'ing a new file, I want it to restore old euid by calling seteuid(y).

Unfortunately 'exec' system call doesn't save old euid before changing it, so the idea was to retrieve the euid of the parent with a function like the one I requested; but a cleaner and safer way to get that information would be greatly appreciated. In fact it is not true, generally speaking, that the parent process is still alive when the child tries to retrieve it's effective user id.

Obviously the proposed solution must be system independent and use only standard system call.

If you need any other information about the question, please append a new comment.

Thank you very much for your reply to my question.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007391
in your code:
1. save euid before seteuid()
2. remember that after a fork the child process has access to all
   variables of the parent, even the saved euid
3. so you may either do a seteuid(saved euid) in your child
   before exec()ing, or you may pass the saved euid as parameter
   to the program exec'd

You just use libc, you don't need platform specific knowledge and calls.
Is this what you need?
0
 
LVL 3

Author Comment

by:mliberi
ID: 2007392
I can't save old euid, because I have no control on the code
that exec my program (usually a shell).
When my program begins running the euid has ALREADY been changed
by 'exec'.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question