Guy Harris wrote:
A number of UN*Xes have an "issetugid()" call; if it's present, we could
use that.
If it's not present, if the OS has geteuid() and getegid(), we should
call both of those before relinquishing set-UID and set-GID privileges
(which we'd have to do anyway, in order to reclaim those privileges),
and compare the results against the results of getuid() and getgid()
and, if they don't match, set a global flag, and have "issetugid()"
return the value of that flag.
I've checked in a change to handle that.
There's a "get_credential_info()" call that an app using this stuff
should make as early as possible in main() (before relinquishing any
privileges), and a "started_with_special_privs()" call that should be
made to check whether the app was started with special privileges.
They do nothing on Windows, for now. On UN*X, "get_credential_info()"
saves the real and effective UIDs and GIDs, and
"started_with_special_privs()" just calls "issetugid()" if available and
otherwise tests the real and effective UIDs and GIDs.
("get_credential_info()" still stashes them away, for use in, for
example, future code to relinquish privileges.)
The functions are declared in epan/privileges.h and defined in
epan/privileges.c.