SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 40

changes.mady.by.user Alen Zukich

Saved on

compared with

New Version 41

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
POSIX defines {{setgid()}} to have the following behavior \[[Open Group 04|AA. References#OpenBibliography#Open Group 04]\]:

If the process has appropriate privileges, setgid() shall set the real group ID, effective group ID, and the saved set-group-ID of the calling process to gid.

If the process does not have appropriate privileges, but gid is equal to the real group ID or the saved set-group-ID, setgid() shall set the effective group ID to gid; the real group ID and saved set-group-ID shall remain unchanged.

...

Wiki Markup
\[[Chen 02|AA. References#ChenBibliography#Chen 02]\] "Setuid Demystified"
\[[Dowd 06|AA. References#DowdBibliography#Dowd 06]\] Chapter 9, "UNIX I: Privileges and Files"
\[[ISO/IEC PDTR 24772|AA. References#ISOBibliography#ISO/IEC PDTR 24772]\] "XYO Privilege Sandbox Issues"
\[[MITRE 07|AA. References#MITREBibliography#MITRE 07]\] [CWE ID 250|http://cwe.mitre.org/data/definitions/250.html], "Execution with Unnecessary Privileges," [CWE ID 696|http://cwe.mitre.org/data/definitions/696.html], "Incorrect Behavior Order"
\[[Open Group 04|AA. References#OpenBibliography#Open Group 04]\] [{{setuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/setuid.html], and [{{setgid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/setgid.html]
\[[Tsafrir 08|AA. References#TsafrirBibliography#Tsafrir 08]\] "The Murky Issue of Changing Process Identity: Revising 'Setuid Demystified'"

...