identity(S) 6 January 1993 identity(S) Name identity - get or check uids or gids from program start Syntax cc . . . -lprot #include <sys/types.h> #include <sys/security.h> #include <sys/audit.h> #include <prot.h> void check_auth_parameters () int is_starting_egid (gid) ushort gid; int is_starting_euid (uid) ushort uid; int is_starting_luid (uid) ushort uid; int is_starting_ruid (uid) ushort uid; int is_starting_rgid (gid) ushort gid; void set_auth_parameters (argc, argv) int argc; char *argv[]; ushort starting_egid () ushort starting_euid () ushort starting_luid () ushort starting_rgid () ushort starting_ruid () Description These routines provide a way to recall the IDs of a process at the time the program started. They are useful when interrogating the invoking environment of a program after any setuid(S) or setgid(S) calls have been made so that the original environment can be captured. startingluid returns the login UID for the process as it was set in the beginning of the program. The login UID is the immutable stamp for the process and accurately denotes the account under which the session is being run, regardless of subsequent setuid(S) calls. startingruid returns the real UID for the process as it was set in the beginning of the program. Similarly, startingeuid returns the effective UID, startingrgid returns the real GID, and startingegid returns the effec- tive GID, These IDs may not be the same as those returned by getluid(S), getuid(S), geteuid(S), getgid(S), or getegid(S), respectively, because intervening calls to setluid(S), setuid(S) or setgid(S) can change the latter set while the former set remains the same. The routine isstartingluid returns 1 if the argument is the same as the login UID at the time when setauthparameters was invoked, and 0 other- wise. Similarly, isstartingruid returns 1 if the argument is the same as the real UID at the time when setauthparameters was invoked, and 0 otherwise; isstartingeuid returns 1 if the argument is the same as the effective UID at the time when setauthparameters was invoked, and 0 otherwise; isstartingrgid returns 1 if the argument is the same as the real GID at the time when setauthparameters was invoked, and 0 other- wise; and isstartingegid returns 1 if the argument is the same as the effective GID at the time when setauthparameters was invoked, and 0 otherwise. The setauthparameters routine is used to retain the IDs for future lookup. It also tests the kernel to see if the C2 security features have been loaded. If not, the program exists with an error message. It should be called first in a program or there is a chance that it captures an environment different from the program beginning. The two arguments are the argument count and vector with which the program was called. checkauthparameters verifies that setauthparameters has been previ- ously invoked. If not, the program exits. If so, nothing happens. Notes These routines only work as advertised when setauthparameters is called as the first item in main(). setauthparameters resets the umask in the calling process to 077. See also getegid(S), geteuid(S), getgid(S), getuid(S) Standards conformance identity is an extension of AT&T System V provided by the Santa Cruz Operation.