summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2002-08-04 16:52:08 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2002-08-04 16:52:08 +0000
commit23c9f0d208459e8d55a1247aad85e8f6714bae83 (patch)
treecdb9d7f16b9cb2c493b60fd2fde534ce5048e35a
parent8c8cd93889aafee0ed75ae53d5129de17556c26e (diff)
revoke privs earlier
-rw-r--r--usr.bin/netstat/main.c38
1 files changed, 19 insertions, 19 deletions
diff --git a/usr.bin/netstat/main.c b/usr.bin/netstat/main.c
index 7d3aaea5240..9ec0f2be798 100644
--- a/usr.bin/netstat/main.c
+++ b/usr.bin/netstat/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.32 2002/06/07 21:58:38 itojun Exp $ */
+/* $OpenBSD: main.c,v 1.33 2002/08/04 16:52:07 deraadt Exp $ */
/* $NetBSD: main.c,v 1.9 1996/05/07 02:55:02 thorpej Exp $ */
/*
@@ -44,7 +44,7 @@ char copyright[] =
#if 0
static char sccsid[] = "from: @(#)main.c 8.4 (Berkeley) 3/1/94";
#else
-static char *rcsid = "$OpenBSD: main.c,v 1.32 2002/06/07 21:58:38 itojun Exp $";
+static char *rcsid = "$OpenBSD: main.c,v 1.33 2002/08/04 16:52:07 deraadt Exp $";
#endif
#endif /* not lint */
@@ -404,6 +404,23 @@ main(argc, argv)
argv += optind;
argc -= optind;
+ /*
+ * Discard setgid privileges if not the running kernel so that bad
+ * guys can't print interesting stuff from kernel memory.
+ */
+ if (nlistf != NULL || memf != NULL) {
+ setegid(getgid());
+ setgid(getgid());
+ }
+
+ if ((kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY,
+ buf)) == NULL) {
+ fprintf(stderr, "%s: kvm_open: %s\n", __progname, buf);
+ exit(1);
+ }
+ setegid(getgid());
+ setgid(getgid());
+
#define BACKWARD_COMPATIBILITY
#ifdef BACKWARD_COMPATIBILITY
if (*argv) {
@@ -422,23 +439,6 @@ main(argc, argv)
}
#endif
- /*
- * Discard setgid privileges if not the running kernel so that bad
- * guys can't print interesting stuff from kernel memory.
- */
- if (nlistf != NULL || memf != NULL) {
- setegid(getgid());
- setgid(getgid());
- }
-
- if ((kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY,
- buf)) == NULL) {
- fprintf(stderr, "%s: kvm_open: %s\n", __progname, buf);
- exit(1);
- }
- setegid(getgid());
- setgid(getgid());
-
if (kvm_nlist(kvmd, nl) < 0 || nl[0].n_type == 0) {
if (nlistf)
fprintf(stderr, "%s: %s: no namelist\n", __progname,