Re: LOGNAME, USER, and get-uid; NIS hga@xxxxxx 12 Aug 2019 20:17 UTC
We previously removed geteuid and getegid because we didn't want to *directly* support setuid root then lower your privileges Scheme programming, but if that happens *before* Scheme is called, by all means let us return those two, which are completely trivial to implement, they take no arguments and can't fail.

None of POSIX, Linux, or OpenBSD have getruid or getrgid, the POSIX descriptions of getuid and getgid, and the man pages for Bionic Beaver Linux and OpenBSD 6.5 say they return the real ids. So we could rename user-uid/-gid to user-real-uid/-gid.

Although I note just now using setuid with scsh 0.7 on Bionic Beaver that both user-uid and user-effective-uid stay the same before and after I do (set-uid 1000), 0 to 1000.... Although there's no trail of crumbs in the source from what I take to be the system calls to either of the Scheme procedures....

- Harold

----- Original message -----
From: Lassi Kortela <email@example.com>
Date: Monday, August 12, 2019 1:33 PM

> There are actually two environment variables specifying the name of the
> user: LOGNAME is supposed to be the name of the real uid, USER is
> supposed to be the name of the effective uid.

I always wondered what the distinction is :) One wonders how reliably programs uphold that distinction.

> These variables are both subject to forgery, but if we provided both the
> geteuid and getruid system calls we could discriminate reliably:
> sometimes you want one, sometimes the other. This is especially true
> when one of them is root.

Definitely provide both of those syscalls. Do we need the envars for anything?

To get the effective username, call getpwuid(geteuid()). To get the real username, call getpwuid(getuid()).

The effective user is especially security-sensitive, since that's what's used to check file permissions and whether or not the user can execute root-only syscalls.

> Scsh calls the syscalls get-uid and get-effective-uid, but I think we
> should make it get-real-uid instead of get-uid for clarity's sake.
>
> The same applies to gids, of course.

Strongly agreed.

> NIS is just a distributed version of /etc/passwd, as DNS is a
> distributed version of /etc/hosts. It is tiny and simple compared to X.500.

That's cool. I never thought of DNS that way.
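
Added example, not part of the thread and not scsh code: a C program that resolves the real and effective usernames with the getpwuid(getuid()) and getpwuid(geteuid()) lookups mentioned above, then checks LOGNAME and USER against them, following the convention stated in the quoted text. The helper names `name_for_uid` and `env_matches_uid` and the forged value are constructed for illustration; the reentrant `getpwuid_r` is used in place of `getpwuid`.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Map a uid to its login name through the passwd database (local file,
 * NIS, ...). Returns 0 on success, -1 if the uid has no entry. */
static int name_for_uid(uid_t uid, char *out, size_t outlen)
{
    struct passwd pw, *res = NULL;
    char buf[16384];

    if (getpwuid_r(uid, &pw, buf, sizeof buf, &res) != 0 || res == NULL)
        return -1;
    snprintf(out, outlen, "%s", res->pw_name);
    return 0;
}

/* Check an environment variable against the name the kernel-held uid maps
 * to: 1 = agrees, 0 = unset or different, -1 = uid has no passwd entry. */
static int env_matches_uid(const char *var, uid_t uid)
{
    char name[256];
    const char *val = getenv(var);

    if (name_for_uid(uid, name, sizeof name) != 0)
        return -1;
    return val != NULL && strcmp(val, name) == 0;
}

int main(void)
{
    char real[256] = "(no passwd entry)", eff[256] = "(no passwd entry)";

    name_for_uid(getuid(), real, sizeof real);
    name_for_uid(geteuid(), eff, sizeof eff);
    printf("real uid %ld -> %s\n", (long)getuid(), real);
    printf("effective uid %ld -> %s\n", (long)geteuid(), eff);
    printf("LOGNAME agrees with real uid: %d\n", env_matches_uid("LOGNAME", getuid()));
    printf("USER agrees with effective uid: %d\n", env_matches_uid("USER", geteuid()));

    /* Constructed forgery: the environment is caller-controlled data. */
    setenv("LOGNAME", "constructed-forged-name", 1);
    printf("after forging LOGNAME: %d\n", env_matches_uid("LOGNAME", getuid()));
    return 0;
}
```

The uid-based lookups give the same answer before and after the `setenv` call, while the LOGNAME comparison changes, which is why an authorization decision should key on the uid and not on either variable.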