src: add ability to get/set effective uid/gid

evanlucas · evanlucas · commit 3c92ca2b5c1a · 2015-04-29T16:04:26.000-05:00
Adds the following to process: - `process.geteuid()` - `process.seteuid(id)` - `process.getegid()` - `process.setegid(id)` PR-URL: #1536 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
diff --git a/doc/api/process.markdown b/doc/api/process.markdown
@@ -455,6 +455,19 @@ This is the numerical group id, not the group name.
     }
 
 
+## process.getegid()
+
+Note: this function is only available on POSIX platforms (i.e. not Windows,
+Android)
+
+Gets the effective group identity of the process. (See getegid(2).)
+This is the numerical group id, not the group name.
+
+    if (process.getegid) {
+      console.log('Current gid: ' + process.getegid());
+    }
+
+
 ## process.setgid(id)
 
 Note: this function is only available on POSIX platforms (i.e. not Windows,
@@ -476,6 +489,27 @@ blocks while resolving it to a numerical ID.
     }
 
 
+## process.setegid(id)
+
+Note: this function is only available on POSIX platforms (i.e. not Windows,
+Android)
+
+Sets the effective group identity of the process. (See setegid(2).)
+This accepts either a numerical ID or a groupname string. If a groupname
+is specified, this method blocks while resolving it to a numerical ID.
+
+    if (process.getegid && process.setegid) {
+      console.log('Current gid: ' + process.getegid());
+      try {
+        process.setegid(501);
+        console.log('New gid: ' + process.getegid());
+      }
+      catch (err) {
+        console.log('Failed to set gid: ' + err);
+      }
+    }
+
+
 ## process.getuid()
 
 Note: this function is only available on POSIX platforms (i.e. not Windows,
@@ -489,6 +523,19 @@ This is the numerical userid, not the username.
     }
 
 
+## process.geteuid()
+
+Note: this function is only available on POSIX platforms (i.e. not Windows,
+Android)
+
+Gets the effective user identity of the process. (See geteuid(2).)
+This is the numerical userid, not the username.
+
+    if (process.geteuid) {
+      console.log('Current uid: ' + process.geteuid());
+    }
+
+
 ## process.setuid(id)
 
 Note: this function is only available on POSIX platforms (i.e. not Windows,
@@ -510,6 +557,27 @@ blocks while resolving it to a numerical ID.
     }
 
 
+## process.seteuid(id)
+
+Note: this function is only available on POSIX platforms (i.e. not Windows,
+Android)
+
+Sets the effective user identity of the process. (See seteuid(2).)
+This accepts either a numerical ID or a username string.  If a username
+is specified, this method blocks while resolving it to a numerical ID.
+
+    if (process.geteuid && process.seteuid) {
+      console.log('Current uid: ' + process.geteuid());
+      try {
+        process.seteuid(501);
+        console.log('New uid: ' + process.geteuid());
+      }
+      catch (err) {
+        console.log('Failed to set uid: ' + err);
+      }
+    }
+
+
 ## process.getgroups()
 
 Note: this function is only available on POSIX platforms (i.e. not Windows,
diff --git a/src/node.cc b/src/node.cc
@@ -1750,6 +1750,18 @@ static void GetGid(const FunctionCallbackInfo<Value>& args) {
 }
 
 
+static void GetEUid(const FunctionCallbackInfo<Value>& args) {
+  // uid_t is an uint32_t on all supported platforms.
+  args.GetReturnValue().Set(static_cast<uint32_t>(geteuid()));
+}
+
+
+static void GetEGid(const FunctionCallbackInfo<Value>& args) {
+  // gid_t is an uint32_t on all supported platforms.
+  args.GetReturnValue().Set(static_cast<uint32_t>(getegid()));
+}
+
+
 static void SetGid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
 
@@ -1769,6 +1781,25 @@ static void SetGid(const FunctionCallbackInfo<Value>& args) {
 }
 
 
+static void SetEGid(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  if (!args[0]->IsUint32() && !args[0]->IsString()) {
+    return env->ThrowTypeError("setegid argument must be a number or string");
+  }
+
+  gid_t gid = gid_by_name(env->isolate(), args[0]);
+
+  if (gid == gid_not_found) {
+    return env->ThrowError("setegid group id does not exist");
+  }
+
+  if (setegid(gid)) {
+    return env->ThrowErrnoException(errno, "setegid");
+  }
+}
+
+
 static void SetUid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
 
@@ -1788,6 +1819,25 @@ static void SetUid(const FunctionCallbackInfo<Value>& args) {
 }
 
 
+static void SetEUid(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  if (!args[0]->IsUint32() && !args[0]->IsString()) {
+    return env->ThrowTypeError("seteuid argument must be a number or string");
+  }
+
+  uid_t uid = uid_by_name(env->isolate(), args[0]);
+
+  if (uid == uid_not_found) {
+    return env->ThrowError("seteuid user id does not exist");
+  }
+
+  if (seteuid(uid)) {
+    return env->ThrowErrnoException(errno, "seteuid");
+  }
+}
+
+
 static void GetGroups(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
 
@@ -2821,10 +2871,14 @@ void SetupProcessObject(Environment* env,
 
 #if defined(__POSIX__) && !defined(__ANDROID__)
   env->SetMethod(process, "getuid", GetUid);
+  env->SetMethod(process, "geteuid", GetEUid);
   env->SetMethod(process, "setuid", SetUid);
+  env->SetMethod(process, "seteuid", SetEUid);
 
   env->SetMethod(process, "setgid", SetGid);
+  env->SetMethod(process, "setegid", SetEGid);
   env->SetMethod(process, "getgid", GetGid);
+  env->SetMethod(process, "getegid", GetEGid);
 
   env->SetMethod(process, "getgroups", GetGroups);
   env->SetMethod(process, "setgroups", SetGroups);
