getting uid & euid of a process

How is it possible to get the real & effective user id of
a given process?

The idea is to call something like geteuid(), from inside a
c program, to get the effective user id of ANOTHER process
(let's say the father).
LVL 3
mliberiAsked:
Who is Participating?
 
ksbCommented:
You can't.  It can change (setreuid(), setuid()) and you must be root to read kmem on older vmunix's (that do not have /proc).

You can get a guess on systems that support /proc, but it could change in the next instruction.  What are you really trying to do?

If you want a process to prove it is running as a User you _can_ do that with 100% portable code -- but it'll cost you points.

0
 
ahoffmannCommented:
man proc
pcred()
0
 
mliberiAuthor Commented:
thank you for your reply, but I can't accept it because it didn't help me resolving the problem.

I didn't find any reference to pcred() function in the system documentation, AIX 4.1.5

About 'man proc' the system simply replied:
proc Command for the Kernel Debug Program

to be clearer I would like the code for such a function

int getpeuid(int pid)
/* get the effective user id for process pid */
{
  /* place the code here */
  /* possibly without forking */
  /* must compile and run in *any* unix compliant O.S */
}
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
ahoffmannCommented:
Oops, thought that proc() is standard UNIX.
Anyway, check if AIX supports /proc, if so you can check with:

   ls -l /proc/<pid>/

Use a pid of the current user, then you may also do:

   cat /proc/<pid>/status

Another posibility:  man -k pstat
(sorry don't have AIX handy)

> /* must compile and run in *any* unix compliant O.S */
AFAIK, you have to manage this with OS-dependent #defines.
0
 
mliberiAuthor Commented:
Ok. It doesn't seem to be an easy task.
Let's try do put the question in other terms:

the program I'm writing runs with S_ISUID bit set with superuser authority, do some work as superuser and then forks. I want the child process to run with normal user authority, so, before it 'exec', it has to restore the previous effective user id. The problem is how to get such an information!

example:
process A, uid=x euid=y,   exec my program that is owned by root    and has S_ISUID bit set, so process B has been generated. I have no control on process A code, it could be *any* program.

process B, uid=x euid=0, do some work as superuser, and before
exec'ing a new file, I want it to restore old euid by calling seteuid(y).

Unfortunately 'exec' system call doesn't save old euid before changing it, so the idea was to retrieve the euid of the parent with a function like the one I requested; but a cleaner and safer way to get that information would be greatly appreciated. In fact it is not true, generally speaking, that the parent process is still alive when the child tries to retrieve it's effective user id.

Obviously the proposed solution must be system independent and use only standard system call.

If you need any other information about the question, please append a new comment.

Thank you very much for your reply to my question.
0
 
ahoffmannCommented:
in your code:
1. save euid before seteuid()
2. remember that after a fork the child process has access to all
   variables of the parent, even the saved euid
3. so you may either do a seteuid(saved euid) in your child
   before exec()ing, or you may pass the saved euid as parameter
   to the program exec'd

You just use libc, you don't need platform specific knowledge and calls.
Is this what you need?
0
 
mliberiAuthor Commented:
I can't save old euid, because I have no control on the code
that exec my program (usually a shell).
When my program begins running the euid has ALREADY been changed
by 'exec'.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.