The FreeBSD Function issetugid(2)

Since FreeBSD release 3.0, the function issetugid(2) has been supported. Its synopsis is as follows:

#include <unistd.h>

int issetugid(void);

The issetugid(2) function returns the value 1 if the process is considered tainted and 0 otherwise. A tainted process is one in which the execve(2) call established new effective user ID and/or group ID values because of the set-uid/gid bits on the executable file. A process can also become tainted if any of the real, effective, or saved user ID/group ID values has changed since the executable file started its execution.

Processes inherit the tainted status when fork(2) is called. The tainted status can be cleared by restoring the effective user ID and group ID values to the real user ID and group ID values. Then call execve(2) to execute a new program that has not had the set-uid/set-gid bits set (or the ID values matched the real ones).

The purpose of this function is to give the library functions a reliable way to determine if the present user ID and group ID values can be trusted to identify the user.