|Linux & Unix Commands - Search Man Pages
ISSETUGID(2) BSD System Calls Manual ISSETUGID(2)
issetugid -- is current process tainted by uid or gid changes
The issetugid() function returns 1 if the process environment or memory address space is
considered ``tainted'', and returns 0 otherwise.
A process is tainted if it was created as a result of an execve(2) system call which had
either of the setuid or setgid bits set (and extra privileges were given as a result) or if
it has changed any of its real, effective or saved user or group ID's since it began execu-
This system call exists so that library routines (e.g., libc, libtermcap) can reliably
determine if it is safe to use information that was obtained from the user, in particular
the results from getenv(3) should be viewed with suspicion if it is used to control opera-
A ``tainted'' status is inherited by child processes as a result of the fork(2) system call
(or other library code that calls fork, such as popen(3)).
It is assumed that a program that clears all privileges as it prepares to execute another
will also reset the environment, hence the ``tainted'' status will not be passed on. This
is important for programs such as su(1) which begin setuid but need to be able to create an
The issetugid() function is always successful, and no return value is reserved to indicate
execve(2), fork(2), setegid(2), seteuid(2), setgid(2), setregid(2), setreuid(2), setuid(2)
A issetugid() function call first appeared in OpenBSD 2.0 and was also implemented in
FreeBSD 3.0. FreeBSD implementation was imported in NetBSD 1.5.
BSD April 22, 2000 BSD
All times are GMT -4. The time now is 09:03 AM.