_SECURE_PATH(3) BSD Library Functions Manual _SECURE_PATH(3)NAME
_secure_path -- determine if a file appears to be secure
LIBRARY
System Utilities Library (libutil, -lutil)
SYNOPSIS
#include <sys/types.h>
#include <libutil.h>
int
_secure_path(const char *path, uid_t uid, gid_t gid);
DESCRIPTION
This function does some basic security checking on a given path. It is intended to be used by processes running with root privileges in
order to decide whether or not to trust the contents of a given file. It uses a method often used to detect system compromise.
A file is considered 'secure' if it meets the following conditions:
1. The file exists, and is a regular file (not a symlink, device special or named pipe, etc.),
2. Is not world writable.
3. Is owned by the given uid or uid 0, if uid is not -1,
4. Is not group writable or it has group ownership by the given gid, if gid is not -1.
RETURN VALUES
This function returns zero if the file exists and may be considered secure, -2 if the file does not exist, and -1 otherwise to indicate a
security failure. The syslog(3) function is used to log any failure of this function, including the reason, at LOG_ERR priority.
SEE ALSO lstat(2), syslog(3)HISTORY
Code from which this function was derived was contributed to the FreeBSD project by Berkeley Software Design, Inc.
BUGS
The checks carried out are rudimentary and no attempt is made to eliminate race conditions between use of this function and access to the
file referenced.
BSD May 2, 1997 BSD
Check Out this Related Man Page
PWCACHE(3) BSD Library Functions Manual PWCACHE(3)NAME
pwcache -- cache password and group entries
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <pwd.h>
char *
user_from_uid(uid_t uid, int nouser);
#include <grp.h>
char *
group_from_gid(gid_t gid, int nogroup);
DESCRIPTION
The user_from_uid() function returns the user name associated with the argument uid. The user name is cached so that multiple calls with the
same uid do not require additional calls to getpwuid(3). If there is no user associated with the uid, a pointer is returned to a string rep-
resentation of the uid, unless the argument nouser is non-zero, in which case a NULL pointer is returned.
The group_from_gid() function returns the group name associated with the argument gid. The group name is cached so that multiple calls with
the same gid do not require additional calls to getgrgid(3). If there is no group associated with the gid, a pointer is returned to a string
representation of the gid, unless the argument nogroup is non-zero, in which case a NULL pointer is returned.
SEE ALSO getgrgid(3), getpwuid(3)HISTORY
The user_from_uid() and group_from_gid() functions first appeared in 4.4BSD.
BSD June 9, 1993 BSD
How do i go about getting the uid of the user and verify ?
if
then
echo "You are not a superuser, please login as a superuser"
exit1;
fi
the above code doesn't work. can some guru please help me.
1. how to get the uid of the user ? i know by typing id but how to... (7 Replies)
I would like to choose an OS which is both very secure and very stable.
Which one of these 2 would be the best option: FreeBSD or Solaris 10 ?
I plan to use this OS as a very basic desktop pc using: a word processing program, emule/amule/p2p and an email client such as evolution. (1 Reply)
Hi Guys,
I'd like to know your opinion. A friend of mine claims, an open source OS like linux is more secure than a closed one like AIX because 'if he is hacked, he can do countermeasures'.
I believe the opposite is the case - it's more secure if not everybody knows the kernel and is able to... (6 Replies)
I´m listing the contents of a directory using the command
ls -lI get numeric uid and gid for some lines.
example:
drwxr-xr-x root root 1970-01-01 01:00 sys
-rw-r--r-- 501 20 0 2010-08-04 14:54 shutdown.bravo.rc
drwxr-x--- 501 20 ... (5 Replies)
Hello everyone. I'm a newbie and this is my first post, and I'm hoping to get some help understanding what happened on my server. I did as much research as I could, but now I turn to the forums for help :)
I've set up a VPS server and I "thought" I had good enough security on it, but all of a... (2 Replies)