secure_execution

Function requires_secure_execution

pub fn requires_secure_execution() -> bool

Returns whether the running executable requires secure execution.

This property is relevant for code that might be executed as part of a set-user-ID or set-group-ID binary or similar.

Quoting the glibc manual pages:

The GNU-specific secure_getenv() function is just like getenv() except that it returns NULL in cases where “secure execution” is required.

The secure_getenv() function is intended for use in general-purpose libraries to avoid vulnerabilities that could occur if set-user-ID or set-group-ID programs accidentally trusted the environment.

Quoting the OpenBSD manual pages:

In particular, it is wise to use [this property] to determine if a pathname returned from a getenv() call may safely be used to open() the specified file.

How this function determines this property depends on the target_os value.

  • If target_os is one of linux or android, the AT_SECURE value from getauxval is used. See getauxval(3) for details.

  • Otherwise, if target_os is one of macos, ios, watchos, tvos, visionos, dragonfly, freebsd, illumos, netbsd, openbsd, or solaris, the return value of issetugid is used.

    The behavior of issetugid differs between operating systems, but on each of them it is defined for exactly this purpose. See for example the manual pages of OpenBSD and FreeBSD.

    Note that on FreeBSD, and on other operating systems using the same model, the return value of issetugid can change at runtime. This function, however, caches the result of its first call and returns that cached value on every later call.

  • Otherwise, if cfg(unix), this function always returns true. As of this writing, this affects the following target_os values:

    aix, emscripten, espidf, fuchsia, haiku, horizon, hurd, l4re, nto, nuttx, redox, rtems, vita, and vxworks

  • Otherwise, this function always returns false. As of this writing, this affects the following target_os values:

    cuda, hermit, psp, solid_asp3, teeos, trusty, uefi, wasi, windows, xous, and zkvm
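The following is an added example, not code from the secure_execution crate, showing how the property is meant to be consumed: a secure_getenv-style lookup that hides environment variables in secure execution, and a path resolver that falls back to a compiled-in default instead of opening a caller-chosen file. Because the crate itself is not linked here, `detect_secure_execution` is a hypothetical stand-in that reads AT_SECURE from /proc/self/auxv (Linux only, and without the crate's caching) and answers `true` whenever that fails; `at_secure_from_auxv` and `encode_auxv` exist so the auxiliary-vector parsing can be exercised on constructed input, and `secure_getenv`, `config_path`, the variable name `EXAMPLE_CONFIG` and the default path are assumptions for illustration.

```rust
use std::convert::TryInto;
use std::env;
use std::ffi::OsString;
use std::path::PathBuf;

// Auxiliary-vector tags from <elf.h>.
const AT_NULL: usize = 0;
const AT_SECURE: usize = 23;

/// Find the AT_SECURE entry in a raw auxiliary vector (pairs of native-width
/// words, terminated by an AT_NULL pair). Returns None when no entry precedes
/// the terminator.
pub fn at_secure_from_auxv(auxv: &[u8]) -> Option<bool> {
    let w = std::mem::size_of::<usize>();
    for pair in auxv.chunks_exact(2 * w) {
        let key = usize::from_ne_bytes(pair[..w].try_into().ok()?);
        let val = usize::from_ne_bytes(pair[w..].try_into().ok()?);
        match key {
            AT_NULL => return None,
            AT_SECURE => return Some(val != 0),
            _ => {}
        }
    }
    None
}

/// Encode (tag, value) pairs in the layout of /proc/self/auxv.
/// Used only to construct sample input for the demonstration.
pub fn encode_auxv(pairs: &[(usize, usize)]) -> Vec<u8> {
    let mut out = Vec::with_capacity(pairs.len() * 2 * std::mem::size_of::<usize>());
    for &(tag, val) in pairs {
        out.extend_from_slice(&tag.to_ne_bytes());
        out.extend_from_slice(&val.to_ne_bytes());
    }
    out
}

/// Hypothetical stand-in for the crate's `requires_secure_execution()`:
/// reads AT_SECURE from /proc/self/auxv (Linux) and, whenever that is not
/// possible, answers conservatively with `true` so the environment is
/// distrusted rather than trusted by mistake. Unlike the crate, it does not cache.
pub fn detect_secure_execution() -> bool {
    match std::fs::read("/proc/self/auxv") {
        Ok(bytes) => at_secure_from_auxv(&bytes).unwrap_or(true),
        Err(_) => true,
    }
}

/// Counterpart of glibc's secure_getenv(): the variable is visible only when
/// the process does not require secure execution.
pub fn secure_getenv(name: &str, secure: bool) -> Option<OsString> {
    if secure { None } else { env::var_os(name) }
}

/// Resolve the configuration file to open. The override variable is honoured
/// only outside secure execution; a set-user-ID run gets the compiled-in
/// default instead of a path chosen by whoever started the process.
pub fn config_path(secure: bool) -> PathBuf {
    secure_getenv("EXAMPLE_CONFIG", secure)
        .map(PathBuf::from)
        .unwrap_or_else(|| PathBuf::from("/etc/example/config.toml"))
}

fn main() {
    let secure = detect_secure_execution();
    println!("secure execution required: {secure}");
    println!("config file to open: {}", config_path(secure).display());

    // Constructed auxiliary vectors: what a set-user-ID binary and a plain one would carry.
    let setuid = encode_auxv(&[(AT_SECURE, 1), (AT_NULL, 0)]);
    let plain = encode_auxv(&[(AT_SECURE, 0), (AT_NULL, 0)]);
    println!("setuid auxv -> {:?}", at_secure_from_auxv(&setuid));
    println!("plain auxv  -> {:?}", at_secure_from_auxv(&plain));
}
```

The `Err(_) => true` and `unwrap_or(true)` arms mirror the page's own rule for platforms with no usable probe: when the property cannot be established, the safe answer is to require secure execution, since the cost of ignoring an override variable is far lower than the cost of a privileged process opening an attacker-selected path.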