Skip to content

Commit

Permalink
src: add ability to get/set effective uid/gid
Browse files Browse the repository at this point in the history
Adds the following to process:

- `process.geteuid()`
- `process.seteuid(id)`
- `process.getegid()`
- `process.setegid(id)`

PR-URL: nodejs#1536
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information
evanlucas committed Apr 29, 2015
1 parent f9b226c commit 3c92ca2
Show file tree
Hide file tree
Showing 2 changed files with 122 additions and 0 deletions.
68 changes: 68 additions & 0 deletions doc/api/process.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -455,6 +455,19 @@ This is the numerical group id, not the group name.
}


## process.getegid()

Note: this function is only available on POSIX platforms (i.e. not Windows,
Android)

Gets the effective group identity of the process. (See getegid(2).)
This is the numerical group id, not the group name.

if (process.getegid) {
console.log('Current gid: ' + process.getegid());
}


## process.setgid(id)

Note: this function is only available on POSIX platforms (i.e. not Windows,
Expand All @@ -476,6 +489,27 @@ blocks while resolving it to a numerical ID.
}


## process.setegid(id)

Note: this function is only available on POSIX platforms (i.e. not Windows,
Android)

Sets the effective group identity of the process. (See setegid(2).)
This accepts either a numerical ID or a groupname string. If a groupname
is specified, this method blocks while resolving it to a numerical ID.

if (process.getegid && process.setegid) {
console.log('Current gid: ' + process.getegid());
try {
process.setegid(501);
console.log('New gid: ' + process.getegid());
}
catch (err) {
console.log('Failed to set gid: ' + err);
}
}


## process.getuid()

Note: this function is only available on POSIX platforms (i.e. not Windows,
Expand All @@ -489,6 +523,19 @@ This is the numerical userid, not the username.
}


## process.geteuid()

Note: this function is only available on POSIX platforms (i.e. not Windows,
Android)

Gets the effective user identity of the process. (See geteuid(2).)
This is the numerical userid, not the username.

if (process.geteuid) {
console.log('Current uid: ' + process.geteuid());
}


## process.setuid(id)

Note: this function is only available on POSIX platforms (i.e. not Windows,
Expand All @@ -510,6 +557,27 @@ blocks while resolving it to a numerical ID.
}


## process.seteuid(id)

Note: this function is only available on POSIX platforms (i.e. not Windows,
Android)

Sets the effective user identity of the process. (See seteuid(2).)
This accepts either a numerical ID or a username string. If a username
is specified, this method blocks while resolving it to a numerical ID.

if (process.geteuid && process.seteuid) {
console.log('Current uid: ' + process.geteuid());
try {
process.seteuid(501);
console.log('New uid: ' + process.geteuid());
}
catch (err) {
console.log('Failed to set uid: ' + err);
}
}


## process.getgroups()

Note: this function is only available on POSIX platforms (i.e. not Windows,
Expand Down
54 changes: 54 additions & 0 deletions src/node.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1750,6 +1750,18 @@ static void GetGid(const FunctionCallbackInfo<Value>& args) {
}


static void GetEUid(const FunctionCallbackInfo<Value>& args) {
// uid_t is an uint32_t on all supported platforms.
args.GetReturnValue().Set(static_cast<uint32_t>(geteuid()));
}


static void GetEGid(const FunctionCallbackInfo<Value>& args) {
// gid_t is an uint32_t on all supported platforms.
args.GetReturnValue().Set(static_cast<uint32_t>(getegid()));
}


static void SetGid(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);

Expand All @@ -1769,6 +1781,25 @@ static void SetGid(const FunctionCallbackInfo<Value>& args) {
}


static void SetEGid(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);

if (!args[0]->IsUint32() && !args[0]->IsString()) {
return env->ThrowTypeError("setegid argument must be a number or string");
}

gid_t gid = gid_by_name(env->isolate(), args[0]);

if (gid == gid_not_found) {
return env->ThrowError("setegid group id does not exist");
}

if (setegid(gid)) {
return env->ThrowErrnoException(errno, "setegid");
}
}


static void SetUid(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);

Expand All @@ -1788,6 +1819,25 @@ static void SetUid(const FunctionCallbackInfo<Value>& args) {
}


static void SetEUid(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);

if (!args[0]->IsUint32() && !args[0]->IsString()) {
return env->ThrowTypeError("seteuid argument must be a number or string");
}

uid_t uid = uid_by_name(env->isolate(), args[0]);

if (uid == uid_not_found) {
return env->ThrowError("seteuid user id does not exist");
}

if (seteuid(uid)) {
return env->ThrowErrnoException(errno, "seteuid");
}
}


static void GetGroups(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);

Expand Down Expand Up @@ -2821,10 +2871,14 @@ void SetupProcessObject(Environment* env,

#if defined(__POSIX__) && !defined(__ANDROID__)
env->SetMethod(process, "getuid", GetUid);
env->SetMethod(process, "geteuid", GetEUid);
env->SetMethod(process, "setuid", SetUid);
env->SetMethod(process, "seteuid", SetEUid);

env->SetMethod(process, "setgid", SetGid);
env->SetMethod(process, "setegid", SetEGid);
env->SetMethod(process, "getgid", GetGid);
env->SetMethod(process, "getegid", GetEGid);

env->SetMethod(process, "getgroups", GetGroups);
env->SetMethod(process, "setgroups", SetGroups);
Expand Down

0 comments on commit 3c92ca2

Please sign in to comment.