[krbdev.mit.edu #8566] krb5_init_context() should detect set-uid-ness
Nico Williams via RT
rt-comment at krbdev.mit.edu
Fri Mar 31 13:36:10 EDT 2017
https://github.com/heimdal/heimdal/pull/270
Adds more intelligence to issuid():
- if AT_EXECPATH/AT_EXECFN/AT_SUN_EXECNAME is set, it will stat() that
to see if that file is set-uid/set-gid
- it will more intelligently detect getauxval() implementations that do
not set errno = ENOENT when the type is not found and will try
reading /proc/self/auxv if it is available
- it will use getresuid() and getregid() if available as part of the
last ditch effort (that now should only apply to non-ELF programs)
- it will memoize its results to avoid doing slow things repeatedly
More information about the krb5-bugs
mailing list