1 /* $NetBSD: set_ugid.c,v 1.1.1.1 2009/06/23 10:09:00 tron Exp $ */ 2 3 /*++ 4 /* NAME 5 /* set_ugid 3 6 /* SUMMARY 7 /* set real, effective and saved user and group attributes 8 /* SYNOPSIS 9 /* #include <set_ugid.h> 10 /* 11 /* void set_ugid(uid, gid) 12 /* uid_t uid; 13 /* gid_t gid; 14 /* DESCRIPTION 15 /* set_ugid() sets the real, effective and saved user and group process 16 /* attributes and updates the process group access list to be just the 17 /* user's primary group. This operation is irreversible. 18 /* DIAGNOSTICS 19 /* All system call errors are fatal. 20 /* SEE ALSO 21 /* setuid(2), setgid(2), setgroups(2) 22 /* LICENSE 23 /* .ad 24 /* .fi 25 /* The Secure Mailer license must be distributed with this software. 26 /* AUTHOR(S) 27 /* Wietse Venema 28 /* IBM T.J. Watson Research 29 /* P.O. Box 704 30 /* Yorktown Heights, NY 10598, USA 31 /*--*/ 32 33 /* System library. */ 34 35 #include <sys_defs.h> 36 #include <unistd.h> 37 #include <grp.h> 38 #include <errno.h> 39 40 /* Utility library. */ 41 42 #include "msg.h" 43 #include "set_ugid.h" 44 45 /* set_ugid - set real, effective and saved user and group attributes */ 46 47 void set_ugid(uid_t uid, gid_t gid) 48 { 49 int saved_errno = errno; 50 51 if (geteuid() != 0) 52 if (seteuid(0) < 0) 53 msg_fatal("seteuid(0): %m"); 54 if (setgid(gid) < 0) 55 msg_fatal("setgid(%ld): %m", (long) gid); 56 if (setgroups(1, &gid) < 0) 57 msg_fatal("setgroups(1, &%ld): %m", (long) gid); 58 if (setuid(uid) < 0) 59 msg_fatal("setuid(%ld): %m", (long) uid); 60 if (msg_verbose > 1) 61 msg_info("setugid: uid %ld gid %ld", (long) uid, (long) gid); 62 errno = saved_errno; 63 } 64