Mac Developer Library Developer


This manual page is part of Xcode Tools version 5.0

To obtain these tools:

If you are running a version of Xcode Tools other than 5.0, view the documentation locally:

  • In Xcode

  • In Terminal, using the man(1) command

Reading manual pages

Manual pages are intended as a quick reference for people who already understand a technology.

  • To learn how the manual is organized or to learn about command syntax, read the manual page for manpages(5).

  • For more information about this technology, look for other documentation in the Apple Developer Library.

  • For general information about writing shell scripts, read Shell Scripting Primer.

ISSETUGID(2)                BSD System Calls Manual               ISSETUGID(2)

     issetugid -- is current process tainted by uid or gid changes

     Standard C Library (libc, -lc)

     #include <unistd.h>


     The issetugid() system call returns 1 if the process environment or memory address space is considered
     ``tainted'', and returns 0 otherwise.

     A process is tainted if it was created as a result of an execve(2) system call which had either of the
     setuid or setgid bits set (and extra privileges were given as a result) or if it has changed any of its
     real, effective or saved user or group ID's since it began execution.

     This system call exists so that library routines (eg: libc, libtermcap) can reliably determine if it is
     safe to use information that was obtained from the user, in particular the results from getenv(3)
     should be viewed with suspicion if it is used to control operation.

     A ``tainted'' status is inherited by child processes as a result of the fork(2) system call (or other
     library code that calls fork, such as popen(3)).

     It is assumed that a program that clears all privileges as it prepares to execute another will also
     reset the environment, hence the ``tainted'' status will not be passed on.  This is important for pro-grams programs
     grams such as su(1) which begin setuid but need to be able to create an untainted process.

     The issetugid() system call is always successful, and no return value is reserved to indicate an error.

     execve(2), fork(2), setegid(2), seteuid(2), setgid(2), setregid(2), setreuid(2), setuid(2)

     The issetugid() system call first appeared in OpenBSD 2.0 and was also implemented in FreeBSD 3.0.

BSD                             August 25, 1996                            BSD

Reporting Problems

The way to report a problem with this manual page depends on the type of problem:

Content errors
Report errors in the content of this documentation with the feedback links below.
Bug reports
Report bugs in the functionality of the described tool or API through Bug Reporter.
Formatting problems
Report formatting mistakes in the online version of these pages with the feedback links below.