If, like me, you were reading Setuid Demystified and thought "Wow, this is great, but it's got to work on OS X too, and there's no getresuid() or /proc/$pid/cred, so how do I use their proposed API?", then this code snippet is for you. It retrieves the saved set-user-id of a process on OS X, letting you populate the read_suid_from_X OS-specific function that's stubbed out in Chen and Wagner's code.
#include <stdio.h>
#include <sys/types.h>
#include <sys/sysctl.h>
int main()
{
int retval, mib[4];
struct kinfo_proc kp;
size_t len;
len = sizeof(kp);
mib[0] = CTL_KERN;
mib[1] = KERN_PROC;
mib[2] = KERN_PROC_PID;
mib[3] = getpid();
retval = sysctl(mib, 4, &kp, &len, NULL, 0);
if (retval == -1)
return 1;
if (len <= 0)
return 2;
printf("%u\n", kp.kp_eproc.e_pcred.p_svuid);
return 0;
}
Comments