diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2006-03-06 10:44:11 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2006-03-06 10:44:11 +0000 |
| commit | 5803ed8cfde384a9de032eaa23f79772700350bd (patch) | |
| tree | 1aa019b407116fc7fa40ae747419ba74e39187ff /bin/systrace/intercept.c | |
| parent | 2ed6f211b263d0c8d42d7a5cfbc07b1a51937cc2 (diff) | |
convert permanent privilege revocation to use setresuid/setresgid;
ok henning@
Diffstat (limited to 'bin/systrace/intercept.c')
| -rw-r--r-- | bin/systrace/intercept.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/bin/systrace/intercept.c b/bin/systrace/intercept.c index 61f72435f0b..32cc883b369 100644 --- a/bin/systrace/intercept.c +++ b/bin/systrace/intercept.c @@ -1,4 +1,4 @@ -/* $OpenBSD: intercept.c,v 1.49 2004/07/07 07:31:40 marius Exp $ */ +/* $OpenBSD: intercept.c,v 1.50 2006/03/06 10:44:10 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * All rights reserved. @@ -323,16 +323,12 @@ intercept_run(int bg, int fd, uid_t uid, gid_t gid, /* Change to different user */ if (uid || gid) { + if (setresgid(gid, gid, gid) == -1) + err(1, "setresgid"); if (setgroups(1, &gid) == -1) err(1, "setgroups"); - if (setgid(gid) == -1) - err(1, "setgid"); - if (setegid(gid) == -1) - err(1, "setegid"); - if (setuid(uid) == -1) - err(1, "setuid"); - if (seteuid(uid) == -1) - err(1, "seteuid"); + if (setresuid(uid, uid, uid) == -1) + err(1, "setresuid"); } execvp(path, argv); |