2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Code for uid-swapping.
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
15 RCSID("$OpenBSD: uidswap.c,v 1.9 2000/09/07 20:27:55 deraadt Exp $");
19 #ifdef WITH_IRIX_AUDIT
21 #endif /* WITH_IRIX_AUDIT */
24 * Note: all these functions must work in all of the following cases:
28 * Additionally, they must work regardless of whether the system has
29 * POSIX saved uids or not.
32 #ifdef _POSIX_SAVED_IDS
33 /* Lets assume that posix saved ids also work with seteuid, even though that
34 is not part of the posix specification. */
35 #define SAVED_IDS_WORK_WITH_SETEUID
37 /* Saved effective uid. */
38 static uid_t saved_euid = 0;
40 #endif /* _POSIX_SAVED_IDS */
43 * Temporarily changes to the given uid. If the effective user
44 * id is not root, this does nothing. This call cannot be nested.
47 temporarily_use_uid(uid_t uid)
49 #ifdef SAVED_IDS_WORK_WITH_SETEUID
50 /* Save the current euid. */
51 saved_euid = geteuid();
53 /* Set the effective uid to the given (unprivileged) uid. */
54 if (seteuid(uid) == -1)
55 debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
56 #else /* SAVED_IDS_WORK_WITH_SETUID */
57 /* Propagate the privileged uid to all of our uids. */
58 if (setuid(geteuid()) < 0)
59 debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno));
61 /* Set the effective uid to the given (unprivileged) uid. */
62 if (seteuid(uid) == -1)
63 debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
64 #endif /* SAVED_IDS_WORK_WITH_SETEUID */
68 * Restores to the original uid.
73 #ifdef SAVED_IDS_WORK_WITH_SETEUID
74 /* Set the effective uid back to the saved uid. */
75 if (seteuid(saved_euid) < 0)
76 debug("seteuid %u: %.100s", (u_int) saved_euid, strerror(errno));
77 #else /* SAVED_IDS_WORK_WITH_SETEUID */
79 * We are unable to restore the real uid to its unprivileged value.
80 * Propagate the real uid (usually more privileged) to effective uid
84 #endif /* SAVED_IDS_WORK_WITH_SETEUID */
88 * Permanently sets all uids to the given uid. This cannot be
89 * called while temporarily_use_uid is effective.
92 permanently_set_uid(uid_t uid)
94 #ifdef WITH_IRIX_AUDIT
95 if (sysconf(_SC_AUDIT)) {
96 debug("Setting sat id to %d", (int) uid);
98 debug("error setting satid: %.100s", strerror(errno));
100 #endif /* WITH_IRIX_AUDIT */
103 debug("setuid %u: %.100s", (u_int) uid, strerror(errno));