mirror of
https://github.com/freebsd/freebsd-src
synced 2024-11-05 18:22:52 +00:00
Fight over non-working setruid
This commit is contained in:
parent
e007f8483b
commit
9cb939b4b4
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=7860
2 changed files with 15 additions and 11 deletions
|
@ -80,7 +80,7 @@
|
|||
|
||||
/* File scope variables */
|
||||
|
||||
static char rcsid[] = "$Id: at.c,v 1.2 1994/06/08 18:19:43 kernel Exp $";
|
||||
static char rcsid[] = "$Id: at.c,v 1.2 1995/04/12 02:42:28 ache Exp $";
|
||||
char *no_export[] =
|
||||
{
|
||||
"TERM", "TERMCAP", "DISPLAY", "_"
|
||||
|
@ -250,12 +250,6 @@ writefile(time_t runtimer, char queue)
|
|||
|
||||
PRIV_END
|
||||
|
||||
/* We no longer need suid root; now we just need to be able to write
|
||||
* to the directory, if necessary.
|
||||
*/
|
||||
|
||||
REDUCE_PRIV(DAEMON_UID, DAEMON_GID)
|
||||
|
||||
/* We've successfully created the file; let's set the flag so it
|
||||
* gets removed in case of an interrupt or error.
|
||||
*/
|
||||
|
@ -466,11 +460,13 @@ delete_jobs(int argc, char **argv)
|
|||
perr("Cannot change to " ATJOB_DIR);
|
||||
|
||||
for (i=optind; i < argc; i++) {
|
||||
if (stat(argv[i], &buf) != 0)
|
||||
if (stat(argv[i], &buf) != 0) {
|
||||
perr(argv[i]);
|
||||
continue;
|
||||
}
|
||||
if ((buf.st_uid != real_uid) && !(real_uid == 0)) {
|
||||
fprintf(stderr, "%s: Not owner\n", argv[i]);
|
||||
exit(EXIT_FAILURE);
|
||||
continue;
|
||||
}
|
||||
if (unlink(argv[i]) != 0)
|
||||
perr(argv[i]);
|
||||
|
|
|
@ -41,6 +41,15 @@
|
|||
*/
|
||||
#define setreuid(r, e) seteuid(e)
|
||||
#define setregid(r, e) setegid(e)
|
||||
#define SET_REAL_PRIV(a, b) {\
|
||||
setgid(b); \
|
||||
setuid(a); \
|
||||
}
|
||||
#else
|
||||
#define SET_REAL_PRIV(a. b) {\
|
||||
setregid((b), real_gid); \
|
||||
setreuid((a), real_uid); \
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Relinquish privileges temporarily for a setuid or setgid program
|
||||
|
@ -114,7 +123,6 @@ gid_t real_gid, effective_gid;
|
|||
setregid(real_gid, effective_gid); \
|
||||
effective_uid = (a); \
|
||||
effective_gid = (b); \
|
||||
setregid(effective_gid, real_gid); \
|
||||
setreuid(effective_uid, real_uid); \
|
||||
SET_REAL_PRIV(a, b); \
|
||||
}
|
||||
#endif
|
||||
|
|
Loading…
Reference in a new issue