Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <errno.h>
- #include <ctype.h>
- #include <fcntl.h>
- #include <unistd.h>
- #include <stdlib.h>
- #include <stdio.h>
- #include <limits.h>
- #include <grp.h>
- #include <pwd.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <sys/capability.h>
- #include <sys/prctl.h>
- #include <sys/syscall.h>
- void print_process_info(void)
- {
- gid_t rgid, egid, sgid;
- pid_t pgid, pid, ppid, sid;
- uid_t ruid, euid, suid;
- int ngroups = NGROUPS_MAX, j;
- gid_t *groups;
- struct passwd *pw;
- struct group *gr;
- cap_t caps;
- char *caps_text;
- /*
- * PID: Each process has a unique nonnegative integer identifier that is
- * assigned when the process is created using fork(2).
- *
- * A process's PID is preserved across an execve(2)
- */
- pid = getpid();
- /*
- * PPID: A process's parent process ID identifies the process that created
- * this process using fork(2).
- *
- * A process's PPID is preserved across an execve(2)
- */
- ppid = getppid();
- fprintf(stderr, "PID: %d, Parent PID: %d\n", pid, ppid);
- /*
- * A process group (sometimes called a "job") is a
- * collection of processes that share the same process group ID; the
- * shell creates a new process group for the process(es) used to execute
- * single command or pipeline (e.g., the two processes created to
- * execute the command "ls | wc" are placed in the same process group).
- */
- pgid = getpgrp();
- /*
- * A session is a collection of processes that share the same session
- * ID. All of the members of a process group also have the same session
- * ID (i.e., all of the members of a process group always belong to the
- * same session, so that sessions and process groups form a strict two-
- * level hierarchy of processes.) A new session is created when a
- * process calls setsid(2), which creates a new session whose session ID
- * is the same as the PID of the process that called setsid(2). The
- * creator of the session is called the session leader.
- */
- sid = getsid(pid);
- fprintf(stderr, "Process GID: %d, Session ID: %d\n", pgid, sid);
- /*
- * - Real user ID and real group ID. These IDs determine who owns the
- * process.
- *
- * - Effective user ID and effective group ID. These IDs are used by
- * the kernel to determine the permissions that the process will have
- * when accessing shared resources such as message queues, shared
- * memory, and semaphores. On most UNIX systems, these IDs also
- * determine the permissions when accessing files. However, Linux
- * uses the filesystem IDs described below for this task.
- *
- * - Saved set-user-ID and saved set-group-ID. These IDs are used in
- * set-user-ID and set-group-ID programs to save a copy of the
- * corresponding effective IDs that were set when the program was
- * executed (see execve(2)). A set-user-ID program can assume and
- * drop privileges by switching its effective user ID back and forth
- * between the values in its real user ID and saved set-user-ID.
- * This switching is done via calls to seteuid(2), setreuid(2), or
- * setresuid(2). A set-group-ID program performs the analogous tasks
- * using setegid(2), setregid(2), or setresgid(2).
- */
- getresuid(&ruid, &euid, &suid);
- getresgid(&rgid, &egid, &sgid);
- fprintf(stderr, "Real UID: %d, Effective UID: %d, Set-User UID: %d\n", ruid, euid, suid);
- fprintf(stderr, "Real GID: %d, Effective GID: %d, Set-User GID: %d\n", rgid, egid, sgid);
- /*
- * Supplementary group IDs. This is a set of additional group IDs
- * that are used for permission checks when accessing files and other
- * shared resources.
- */
- groups = malloc(ngroups * sizeof(gid_t));
- if(groups == NULL) {
- perror("malloc memory for groups");
- return;
- }
- pw = getpwuid(ruid);
- if(pw == NULL) {
- perror("get passwd structure for our UID");
- free(groups);
- return;
- }
- if(getgrouplist((const char *)pw->pw_name, pw->pw_gid, groups, &ngroups) == -1) {
- fprintf(stderr, "getgrouplist() returned -1; ngroups = %d\n", ngroups);
- free(groups);
- } else {
- fprintf(stderr, "Get %d supplementary group IDs\n", ngroups);
- for (j = 0; j < ngroups; j++) {
- fprintf(stderr, "%d", groups[j]);
- gr = getgrgid(groups[j]);
- if (gr != NULL)
- fprintf(stderr, " (%s)", gr->gr_name);
- fprintf(stderr, "\n");
- }
- free(groups);
- }
- /*
- * For the purpose of performing permission checks, traditional UNIX
- * implementations distinguish two categories of processes: privileged
- * processes (whose effective user ID is 0, referred to as superuser or
- * root), and unprivileged processes (whose effective UID is nonzero).
- * Privileged processes bypass all kernel permission checks, while
- * unprivileged processes are subject to full permission checking based
- * on the process's credentials (usually: effective UID, effective GID,
- * and supplementary group list).
- */
- caps = cap_get_proc();
- caps_text = cap_to_text(caps, NULL);
- if(!caps_text) {
- fprintf(stderr, "unable to parse caps\n");
- cap_free(caps);
- return;
- }
- fprintf(stderr, "Capabilities: %s\n", caps_text);
- cap_free(caps);
- cap_free(caps_text);
- }
Add Comment
Please, Sign In to add comment