
How to determine the effective user id of a process in Rust?

On Linux and other POSIX systems, a program can be executed under the identity of another user (i.e. euid). Normally, you'd call geteuid and friends to reliably determine the current identities of the process. However, I couldn't figure out a reliable way to determine these identities using only Rust's standard library.

The only thing I found that was close is std::os::unix::MetadataExt.

Is it currently possible to determine the euid (and other ids) of a process using Rust's standard library? Is there a function or trait I'm missing?

This is going to be on an OS-specific dependency as the concept does not exist (or do what you think it will!) for most of the targets you can build Rust code for. In particular, you will find this in the libc crate, which is, as the name suggests, a very small wrapper over libc.

The std::os namespace is typically limited to the bare minimum to get process and FS functionality going for the std::process, std::thread and std::fs modules. As such, it would not have been in there. MetadataExt is, for a similar reason, aimed and targeted at filesystem usage.

As you could have expected, the call itself is, unimaginatively, geteuid.

It is an unsafe extern import, so you'll have to wrap it in an unsafe block.

It appears that Rust 1.46.0 doesn't expose this functionality in the standard library. If you're using a POSIX system and don't want to rely on an extra dependency, you have four options:

  1. You can use libc directly:

     #[link(name = "c")]
     extern "C" {
         fn geteuid() -> u32;
         fn getegid() -> u32;
     }

    If you're using GNU/Linux in particular, you won't need to link to libc at all since the system call symbols are automatically made available to your program via the VDSO. In other words, you can use a plain extern block without the link attribute.

  2. Read /proc/self/status (potentially Linux only?). This file contains a line that starts with Uid:. This line lists the real user id, effective user id, and other information that you may also find relevant. Refer to man proc for more information.

  3. If you're using a normal GNU/Linux system, you can access the metadata of the /proc/self directory itself. As pointed out in this question, the owner of this directory should match the effective user id of the process. You can get the euid as follows:

     use std::os::unix::fs::MetadataExt;
     println!("metadata for {:?}", std::fs::metadata("/proc/self").map(|m| m.uid()));

    A benefit this approach provides is that it is relatively cheap compared to option #2 since it's only a single stat syscall (as opposed to opening a file and reading/parsing its contents).

  4. If you're not using a normal GNU/Linux system, you might find success in creating a new dummy file and obtaining the owner id normally via Metadata.
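Option 2 above, worked through with only the standard library (an added example, not code from either answer): it parses the Uid: and Gid: lines of /proc/self/status into real, effective, saved and filesystem ids and flags a real/effective mismatch, which is what a set-user-ID program sees. The names Ids, parse_ids, is_privilege_changed and SAMPLE_STATUS are assumptions made for this example, and the sample text is constructed.

```rust
/// Ids from a `Uid:` or `Gid:` line of /proc/<pid>/status, in proc(5) order.
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub struct Ids {
    pub real: u32,
    pub effective: u32,
    pub saved: u32,
    pub filesystem: u32,
}

// Constructed sample: the excerpt a set-user-ID root binary started by uid 1000 would show.
pub const SAMPLE_STATUS: &str =
    "Name:\tdemo\nPid:\t4242\nUid:\t1000\t0\t0\t0\nGid:\t1000\t1000\t1000\t1000\n";

/// Find the line starting with `key` ("Uid:" or "Gid:") and parse its four fields.
/// Returns None if the line is missing, has the wrong field count, or is non-numeric.
pub fn parse_ids(status: &str, key: &str) -> Option<Ids> {
    let line = status.lines().find(|l| l.starts_with(key))?;
    let mut fields = line[key.len()..].split_whitespace().map(|f| f.parse::<u32>());
    let ids = Ids {
        real: fields.next()?.ok()?,
        effective: fields.next()?.ok()?,
        saved: fields.next()?.ok()?,
        filesystem: fields.next()?.ok()?,
    };
    // An unexpected extra field means the layout is not the one we understand.
    if fields.next().is_some() {
        return None;
    }
    Some(ids)
}

/// True when the process runs under a different identity than its invoker.
pub fn is_privilege_changed(ids: &Ids) -> bool {
    ids.real != ids.effective
}

fn main() {
    let sample = parse_ids(SAMPLE_STATUS, "Uid:");
    println!("sample uid: {:?}, changed: {:?}", sample, sample.map(|i| is_privilege_changed(&i)));
    // Linux only: other systems may not provide this file.
    match std::fs::read_to_string("/proc/self/status") {
        Ok(status) => {
            println!("live uid: {:?}", parse_ids(&status, "Uid:"));
            println!("live gid: {:?}", parse_ids(&status, "Gid:"));
        }
        Err(e) => eprintln!("cannot read /proc/self/status: {}", e),
    }
}
```

Treating a malformed or missing line as None lets the caller refuse to continue instead of assuming an identity.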
