Module: Process::UID
- Defined in:
- process.c
Class Method Summary collapse
-
.Process::UID.change_privilege(user) ⇒ Fixnum
Change the current process’s real and effective user ID to that specified by user.
-
.eid ⇒ Object
Returns the effective user ID for this process.
-
.Process::UID.from_name(name) ⇒ Object
Get the user ID by the name.
-
.grant_privilege(id) ⇒ Object
Set the effective user ID, and if possible, the saved user ID of the process to the given user.
-
.Process::UID.re_exchange ⇒ Fixnum
Exchange real and effective user IDs and return the new effective user ID.
-
.Process::UID.re_exchangeable? ⇒ Boolean
Returns
trueif the real and effective user IDs of a process may be exchanged on the current platform. -
.rid ⇒ Object
Returns the (real) user ID of this process.
-
.Process::UID.sid_available? ⇒ Boolean
Returns
trueif the current platform has saved user ID functionality. - .switch ⇒ Object
Instance Method Summary collapse
-
#Process::UID.change_privilege(user) ⇒ Fixnum
private
Change the current process’s real and effective user ID to that specified by user.
-
#eid ⇒ Object
private
Returns the effective user ID for this process.
-
#Process::UID.from_name(name) ⇒ Object
private
Get the user ID by the name.
-
#grant_privilege(id) ⇒ Object
private
Set the effective user ID, and if possible, the saved user ID of the process to the given user.
-
#Process::UID.re_exchange ⇒ Fixnum
private
Exchange real and effective user IDs and return the new effective user ID.
-
#Process::UID.re_exchangeable? ⇒ Boolean
private
Returns
trueif the real and effective user IDs of a process may be exchanged on the current platform. -
#rid ⇒ Object
private
Returns the (real) user ID of this process.
-
#Process::UID.sid_available? ⇒ Boolean
private
Returns
trueif the current platform has saved user ID functionality. - #switch ⇒ Object private
Class Method Details
.Process::UID.change_privilege(user) ⇒ Fixnum
5351 5352 5353 5354 5355 5356 5357 5358 5359 5360 5361 5362 5363 5364 5365 5366 5367 5368 5369 5370 5371 5372 5373 5374 5375 5376 5377 5378 5379 5380 5381 5382 5383 5384 5385 5386 5387 5388 5389 5390 5391 5392 5393 5394 5395 5396 5397 5398 5399 5400 5401 5402 5403 5404 5405 5406 5407 5408 5409 5410 5411 5412 5413 5414 5415 5416 5417 5418 5419 5420 5421 5422 5423 5424 5425 5426 5427 5428 5429 5430 5431 5432 5433 5434 5435 5436 5437 5438 5439 5440 5441 5442 5443 5444 5445 5446 5447 5448 5449 5450 5451 5452 5453 5454 5455 5456 5457 5458 5459 5460 5461 5462 5463 5464 5465 5466 5467 5468 5469 5470 5471 5472 5473 5474 5475 5476 5477 5478 5479 5480 5481 5482 5483 5484 5485 5486 5487 5488 5489 5490 5491 5492 5493 5494 5495 5496 5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507 |
# File 'process.c', line 5351
static VALUE
p_uid_change_privilege(VALUE obj, VALUE id)
{
rb_uid_t uid;
check_uid_switch();
uid = OBJ2UID(id);
if (geteuid() == 0) { /* root-user */
#if defined(HAVE_SETRESUID)
if (setresuid(uid, uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETUID)
if (setuid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (getuid() == uid) {
if (SAVED_USER_ID == uid) {
if (setreuid(-1, uid) < 0) rb_sys_fail(0);
}
else {
if (uid == 0) { /* (r,e,s) == (root, root, x) */
if (setreuid(-1, SAVED_USER_ID) < 0) rb_sys_fail(0);
if (setreuid(SAVED_USER_ID, 0) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0; /* (r,e,s) == (x, root, root) */
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
if (setreuid(0, -1) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
}
}
else {
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
#elif defined(HAVE_SETRUID) && defined(HAVE_SETEUID)
if (getuid() == uid) {
if (SAVED_USER_ID == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
}
else {
if (uid == 0) {
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (setruid(0) < 0) rb_sys_fail(0);
}
else {
if (setruid(0) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
}
}
else {
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
#else
(void)uid;
rb_notimplement();
#endif
}
else { /* unprivileged user */
#if defined(HAVE_SETRESUID)
if (setresuid((getuid() == uid)? (rb_uid_t)-1: uid,
(geteuid() == uid)? (rb_uid_t)-1: uid,
(SAVED_USER_ID == uid)? (rb_uid_t)-1: uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (SAVED_USER_ID == uid) {
if (setreuid((getuid() == uid)? (rb_uid_t)-1: uid,
(geteuid() == uid)? (rb_uid_t)-1: uid) < 0)
rb_sys_fail(0);
}
else if (getuid() != uid) {
if (setreuid(uid, (geteuid() == uid)? (rb_uid_t)-1: uid) < 0)
rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else if (/* getuid() == uid && */ geteuid() != uid) {
if (setreuid(geteuid(), uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setreuid(uid, -1) < 0) rb_sys_fail(0);
}
else { /* getuid() == uid && geteuid() == uid */
if (setreuid(-1, SAVED_USER_ID) < 0) rb_sys_fail(0);
if (setreuid(SAVED_USER_ID, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setreuid(uid, -1) < 0) rb_sys_fail(0);
}
#elif defined(HAVE_SETRUID) && defined(HAVE_SETEUID)
if (SAVED_USER_ID == uid) {
if (geteuid() != uid && seteuid(uid) < 0) rb_sys_fail(0);
if (getuid() != uid && setruid(uid) < 0) rb_sys_fail(0);
}
else if (/* SAVED_USER_ID != uid && */ geteuid() == uid) {
if (getuid() != uid) {
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setruid(uid) < 0) rb_sys_fail(0);
}
}
else if (/* geteuid() != uid && */ getuid() == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setruid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_44BSD_SETUID
if (getuid() == uid) {
/* (r,e,s)==(uid,?,?) ==> (uid,uid,uid) */
if (setuid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_SETEUID
if (getuid() == uid && SAVED_USER_ID == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_SETUID
if (getuid() == uid && SAVED_USER_ID == uid) {
if (setuid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#else
rb_notimplement();
#endif
}
return id;
}
|
.euid ⇒ Fixnum .Process::UID.eid ⇒ Fixnum .Process::Sys.geteuid ⇒ Fixnum
6230 6231 6232 6233 6234 6235 |
# File 'process.c', line 6230
static VALUE
proc_geteuid(VALUE obj)
{
rb_uid_t euid = geteuid();
return UIDT2NUM(euid);
}
|
.Process::UID.from_name(name) ⇒ Object
5039 5040 5041 5042 5043 |
# File 'process.c', line 5039
static VALUE
p_uid_from_name(VALUE self, VALUE id)
{
return UIDT2NUM(OBJ2UID(id));
}
|
.Process::UID.grant_privilege(user) ⇒ Fixnum .Process::UID.eid=(user) ⇒ Fixnum
6334 6335 6336 6337 6338 6339 |
# File 'process.c', line 6334
static VALUE
p_uid_grant_privilege(VALUE obj, VALUE id)
{
rb_seteuid_core(OBJ2UID(id));
return id;
}
|
.Process::UID.re_exchange ⇒ Fixnum
6506 6507 6508 6509 6510 6511 6512 6513 6514 6515 6516 6517 6518 6519 6520 6521 6522 6523 6524 6525 6526 6527 6528 6529 6530 6531 |
# File 'process.c', line 6506
static VALUE
p_uid_exchange(VALUE obj)
{
rb_uid_t uid;
#if defined(HAVE_SETRESUID) || (defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID))
rb_uid_t euid;
#endif
check_uid_switch();
uid = getuid();
#if defined(HAVE_SETRESUID) || (defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID))
euid = geteuid();
#endif
#if defined(HAVE_SETRESUID)
if (setresuid(euid, uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (setreuid(euid,uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#else
rb_notimplement();
#endif
return UIDT2NUM(uid);
}
|
.Process::UID.re_exchangeable? ⇒ Boolean
Returns true if the real and effective user IDs of a process may be exchanged on the current platform.
6481 6482 6483 6484 6485 6486 6487 6488 6489 6490 6491 |
# File 'process.c', line 6481
static VALUE
p_uid_exchangeable(void)
{
#if defined(HAVE_SETRESUID)
return Qtrue;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
return Qtrue;
#else
return Qfalse;
#endif
}
|
.uid ⇒ Fixnum .Process::UID.rid ⇒ Fixnum .Process::Sys.getuid ⇒ Fixnum
5263 5264 5265 5266 5267 5268 |
# File 'process.c', line 5263
static VALUE
proc_getuid(VALUE obj)
{
rb_uid_t uid = getuid();
return UIDT2NUM(uid);
}
|
.Process::UID.sid_available? ⇒ Boolean
Returns true if the current platform has saved user ID functionality.
6606 6607 6608 6609 6610 6611 6612 6613 6614 |
# File 'process.c', line 6606
static VALUE
p_uid_have_saved_id(void)
{
#if defined(HAVE_SETRESUID) || defined(HAVE_SETEUID) || defined(_POSIX_SAVED_IDS)
return Qtrue;
#else
return Qfalse;
#endif
}
|
.switch ⇒ Object
6685 6686 6687 6688 6689 6690 6691 6692 6693 6694 6695 6696 6697 6698 6699 6700 6701 6702 6703 6704 6705 6706 6707 |
# File 'process.c', line 6685
static VALUE
p_uid_switch(VALUE obj)
{
rb_uid_t uid, euid;
check_uid_switch();
uid = getuid();
euid = geteuid();
if (uid == euid) {
errno = EPERM;
rb_sys_fail(0);
}
p_uid_exchange(obj);
if (rb_block_given_p()) {
under_uid_switch = 1;
return rb_ensure(rb_yield, Qnil, p_uid_sw_ensure, obj);
}
else {
return UIDT2NUM(euid);
}
}
|
Instance Method Details
#Process::UID.change_privilege(user) ⇒ Fixnum (private)
5351 5352 5353 5354 5355 5356 5357 5358 5359 5360 5361 5362 5363 5364 5365 5366 5367 5368 5369 5370 5371 5372 5373 5374 5375 5376 5377 5378 5379 5380 5381 5382 5383 5384 5385 5386 5387 5388 5389 5390 5391 5392 5393 5394 5395 5396 5397 5398 5399 5400 5401 5402 5403 5404 5405 5406 5407 5408 5409 5410 5411 5412 5413 5414 5415 5416 5417 5418 5419 5420 5421 5422 5423 5424 5425 5426 5427 5428 5429 5430 5431 5432 5433 5434 5435 5436 5437 5438 5439 5440 5441 5442 5443 5444 5445 5446 5447 5448 5449 5450 5451 5452 5453 5454 5455 5456 5457 5458 5459 5460 5461 5462 5463 5464 5465 5466 5467 5468 5469 5470 5471 5472 5473 5474 5475 5476 5477 5478 5479 5480 5481 5482 5483 5484 5485 5486 5487 5488 5489 5490 5491 5492 5493 5494 5495 5496 5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507 |
# File 'process.c', line 5351
static VALUE
p_uid_change_privilege(VALUE obj, VALUE id)
{
rb_uid_t uid;
check_uid_switch();
uid = OBJ2UID(id);
if (geteuid() == 0) { /* root-user */
#if defined(HAVE_SETRESUID)
if (setresuid(uid, uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETUID)
if (setuid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (getuid() == uid) {
if (SAVED_USER_ID == uid) {
if (setreuid(-1, uid) < 0) rb_sys_fail(0);
}
else {
if (uid == 0) { /* (r,e,s) == (root, root, x) */
if (setreuid(-1, SAVED_USER_ID) < 0) rb_sys_fail(0);
if (setreuid(SAVED_USER_ID, 0) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0; /* (r,e,s) == (x, root, root) */
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
if (setreuid(0, -1) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
}
}
else {
if (setreuid(uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
#elif defined(HAVE_SETRUID) && defined(HAVE_SETEUID)
if (getuid() == uid) {
if (SAVED_USER_ID == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
}
else {
if (uid == 0) {
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (setruid(0) < 0) rb_sys_fail(0);
}
else {
if (setruid(0) < 0) rb_sys_fail(0);
SAVED_USER_ID = 0;
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
}
}
else {
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
#else
(void)uid;
rb_notimplement();
#endif
}
else { /* unprivileged user */
#if defined(HAVE_SETRESUID)
if (setresuid((getuid() == uid)? (rb_uid_t)-1: uid,
(geteuid() == uid)? (rb_uid_t)-1: uid,
(SAVED_USER_ID == uid)? (rb_uid_t)-1: uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (SAVED_USER_ID == uid) {
if (setreuid((getuid() == uid)? (rb_uid_t)-1: uid,
(geteuid() == uid)? (rb_uid_t)-1: uid) < 0)
rb_sys_fail(0);
}
else if (getuid() != uid) {
if (setreuid(uid, (geteuid() == uid)? (rb_uid_t)-1: uid) < 0)
rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else if (/* getuid() == uid && */ geteuid() != uid) {
if (setreuid(geteuid(), uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setreuid(uid, -1) < 0) rb_sys_fail(0);
}
else { /* getuid() == uid && geteuid() == uid */
if (setreuid(-1, SAVED_USER_ID) < 0) rb_sys_fail(0);
if (setreuid(SAVED_USER_ID, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setreuid(uid, -1) < 0) rb_sys_fail(0);
}
#elif defined(HAVE_SETRUID) && defined(HAVE_SETEUID)
if (SAVED_USER_ID == uid) {
if (geteuid() != uid && seteuid(uid) < 0) rb_sys_fail(0);
if (getuid() != uid && setruid(uid) < 0) rb_sys_fail(0);
}
else if (/* SAVED_USER_ID != uid && */ geteuid() == uid) {
if (getuid() != uid) {
if (setruid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setruid(uid) < 0) rb_sys_fail(0);
}
}
else if (/* geteuid() != uid && */ getuid() == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
if (setruid(SAVED_USER_ID) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
if (setruid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_44BSD_SETUID
if (getuid() == uid) {
/* (r,e,s)==(uid,?,?) ==> (uid,uid,uid) */
if (setuid(uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_SETEUID
if (getuid() == uid && SAVED_USER_ID == uid) {
if (seteuid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#elif defined HAVE_SETUID
if (getuid() == uid && SAVED_USER_ID == uid) {
if (setuid(uid) < 0) rb_sys_fail(0);
}
else {
errno = EPERM;
rb_sys_fail(0);
}
#else
rb_notimplement();
#endif
}
return id;
}
|
#euid ⇒ Fixnum (private) #Process::UID.eid ⇒ Fixnum (private) #Process::Sys.geteuid ⇒ Fixnum (private)
6230 6231 6232 6233 6234 6235 |
# File 'process.c', line 6230
static VALUE
proc_geteuid(VALUE obj)
{
rb_uid_t euid = geteuid();
return UIDT2NUM(euid);
}
|
#Process::UID.from_name(name) ⇒ Object (private)
5039 5040 5041 5042 5043 |
# File 'process.c', line 5039
static VALUE
p_uid_from_name(VALUE self, VALUE id)
{
return UIDT2NUM(OBJ2UID(id));
}
|
#Process::UID.grant_privilege(user) ⇒ Fixnum (private) #Process::UID.eid=(user) ⇒ Fixnum (private)
6334 6335 6336 6337 6338 6339 |
# File 'process.c', line 6334
static VALUE
p_uid_grant_privilege(VALUE obj, VALUE id)
{
rb_seteuid_core(OBJ2UID(id));
return id;
}
|
#Process::UID.re_exchange ⇒ Fixnum (private)
6506 6507 6508 6509 6510 6511 6512 6513 6514 6515 6516 6517 6518 6519 6520 6521 6522 6523 6524 6525 6526 6527 6528 6529 6530 6531 |
# File 'process.c', line 6506
static VALUE
p_uid_exchange(VALUE obj)
{
rb_uid_t uid;
#if defined(HAVE_SETRESUID) || (defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID))
rb_uid_t euid;
#endif
check_uid_switch();
uid = getuid();
#if defined(HAVE_SETRESUID) || (defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID))
euid = geteuid();
#endif
#if defined(HAVE_SETRESUID)
if (setresuid(euid, uid, uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
if (setreuid(euid,uid) < 0) rb_sys_fail(0);
SAVED_USER_ID = uid;
#else
rb_notimplement();
#endif
return UIDT2NUM(uid);
}
|
#Process::UID.re_exchangeable? ⇒ Boolean (private)
Returns true if the real and effective user IDs of a process may be exchanged on the current platform.
6481 6482 6483 6484 6485 6486 6487 6488 6489 6490 6491 |
# File 'process.c', line 6481
static VALUE
p_uid_exchangeable(void)
{
#if defined(HAVE_SETRESUID)
return Qtrue;
#elif defined(HAVE_SETREUID) && !defined(OBSOLETE_SETREUID)
return Qtrue;
#else
return Qfalse;
#endif
}
|
#uid ⇒ Fixnum (private) #Process::UID.rid ⇒ Fixnum (private) #Process::Sys.getuid ⇒ Fixnum (private)
5263 5264 5265 5266 5267 5268 |
# File 'process.c', line 5263
static VALUE
proc_getuid(VALUE obj)
{
rb_uid_t uid = getuid();
return UIDT2NUM(uid);
}
|
#Process::UID.sid_available? ⇒ Boolean (private)
Returns true if the current platform has saved user ID functionality.
6606 6607 6608 6609 6610 6611 6612 6613 6614 |
# File 'process.c', line 6606
static VALUE
p_uid_have_saved_id(void)
{
#if defined(HAVE_SETRESUID) || defined(HAVE_SETEUID) || defined(_POSIX_SAVED_IDS)
return Qtrue;
#else
return Qfalse;
#endif
}
|
#switch ⇒ Object (private)
6685 6686 6687 6688 6689 6690 6691 6692 6693 6694 6695 6696 6697 6698 6699 6700 6701 6702 6703 6704 6705 6706 6707 |
# File 'process.c', line 6685
static VALUE
p_uid_switch(VALUE obj)
{
rb_uid_t uid, euid;
check_uid_switch();
uid = getuid();
euid = geteuid();
if (uid == euid) {
errno = EPERM;
rb_sys_fail(0);
}
p_uid_exchange(obj);
if (rb_block_given_p()) {
under_uid_switch = 1;
return rb_ensure(rb_yield, Qnil, p_uid_sw_ensure, obj);
}
else {
return UIDT2NUM(euid);
}
}
|