uuid: Use posix_geteuid() if it exists, instead of getmyuid()

tstarling · tstarling · commit 93f8fb196243 · 2024-03-05T11:20:44.000+11:00
We're trying to construct a filename which will be writable by other
requests that use the same filename. getmyuid() is not correct since it
just gives the owner of the script being executed -- requests by
different users will use the same name and thus will conflict with each
other.

posix_geteuid() is the UID used for permission checks when creating
files, so it is the correct function to call in the hypothetical
scenario where the real and effective UIDs differ.

Bug: T358768
Change-Id: Idd85308e59fcd3a96ab8ba4cdb686f1affdf774c
diff --git a/includes/libs/uuid/GlobalIdGenerator.php b/includes/libs/uuid/GlobalIdGenerator.php
@@ -97,8 +97,14 @@ public function __construct( $tempDirectory, $shellCallback ) {
 			throw new InvalidArgumentException( "No temp directory provided" );
 		}
 		$this->tmpDir = $tempDirectory;
-		// Check if getmyuid exists, it could be disabled for security reasons - T324513
-		$fileSuffix = function_exists( 'getmyuid' ) ? getmyuid() : '';
+		// Include the UID in the filename (T268420, T358768)
+		if ( function_exists( 'posix_geteuid' ) ) {
+			$fileSuffix = posix_geteuid();
+		} elseif ( function_exists( 'getmyuid' ) ) {
+			$fileSuffix = getmyuid();
+		} else {
+			$fileSuffix = '';
+		}
 		$this->uniqueFilePrefix = self::FILE_PREFIX . $fileSuffix;
 		$this->nodeIdFile = $tempDirectory . '/' . $this->uniqueFilePrefix . '-UID-nodeid';
 		// If different processes run as different users, they may have different temp dirs.
