https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3523
--- Comment #1 from Guy Harris <guy@xxxxxxxxxxxx> 2009-06-10 03:06:22 PDT ---
The started_with_special_privs() was designed around set-UID, not around sudo.
We could *extend* it to check *both* for running set-UID and as root - note
that merely checking whether the real or effective user or group ID is 0 is
*not* sufficient, as it doesn't check whether the saved set-user ID or
set-grpup ID is 0, and if, for example, the saved set-user ID is 0, a plugin
could grab root privileges by changing the effective user ID to 0. (That's one
of the reasons why issetugid() was created.)
Thus, to make the results consistent, the on-HAVE_ISSETUGID version would have
to somehow check whether you have a saved set-user ID or saved set-group ID of
0; attempting to do seteuid(0) or setegid(0) might be sufficient for that,
although that wouldn't help if there are platforms that have issetugid() but
don't have seteuid() or setegid().
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.