Deal with _POSIX_SAVED_IDS when relinquishing privileges

5 files changed, 18 insertions, 8 deletions

diff --git a/bin/ksh/misc.c b/bin/ksh/misc.c
index dcbd8130b18..5108389f6bf 100644
--- a/bin/ksh/misc.c
+++ b/bin/ksh/misc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: misc.c,v 1.2 1996/08/19 20:08:57 downsj Exp $	*/
+/*	$OpenBSD: misc.c,v 1.3 1996/12/22 02:57:49 tholo Exp $	*/
 
 /*
  * Miscellaneous functions
@@ -308,7 +308,9 @@ change_flag(f, what, newval)
 #ifdef OS2
 		;
 #else /* OS2 */
+		seteuid(getuid());
 		setuid(getuid());
+		setegid(getgid());
 		setgid(getgid());
 #endif /* OS2 */
 	} else if (f == FPOSIX && newval) {
diff --git a/bin/pdksh/misc.c b/bin/pdksh/misc.c
index dcbd8130b18..5108389f6bf 100644
--- a/bin/pdksh/misc.c
+++ b/bin/pdksh/misc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: misc.c,v 1.2 1996/08/19 20:08:57 downsj Exp $	*/
+/*	$OpenBSD: misc.c,v 1.3 1996/12/22 02:57:49 tholo Exp $	*/
 
 /*
  * Miscellaneous functions
@@ -308,7 +308,9 @@ change_flag(f, what, newval)
 #ifdef OS2
 		;
 #else /* OS2 */
+		seteuid(getuid());
 		setuid(getuid());
+		setegid(getgid());
 		setgid(getgid());
 #endif /* OS2 */
 	} else if (f == FPOSIX && newval) {
diff --git a/bin/ps/ps.c b/bin/ps/ps.c
index 6e4b70e89b5..9d7d64e3da3 100644
--- a/bin/ps/ps.c
+++ b/bin/ps/ps.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ps.c,v 1.6 1996/12/14 12:18:10 mickey Exp $	*/
+/*	$OpenBSD: ps.c,v 1.7 1996/12/22 02:57:50 tholo Exp $	*/
 /*	$NetBSD: ps.c,v 1.15 1995/05/18 20:33:25 mycroft Exp $	*/
 
 /*-
@@ -44,7 +44,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)ps.c	8.4 (Berkeley) 4/2/94";
 #else
-static char rcsid[] = "$OpenBSD: ps.c,v 1.6 1996/12/14 12:18:10 mickey Exp $";
+static char rcsid[] = "$OpenBSD: ps.c,v 1.7 1996/12/22 02:57:50 tholo Exp $";
 #endif
 #endif /* not lint */
 
@@ -267,8 +267,10 @@ main(argc, argv)
 	 * Discard setgid privileges if not the running kernel so that bad
 	 * guys can't print interesting stuff from kernel memory.
 	 */
-	if (nlistf != NULL || memf != NULL || swapf != NULL)
+	if (nlistf != NULL || memf != NULL || swapf != NULL) {
+		setegid(getgid());
 		setgid(getgid());
+	}
 
 	kd = kvm_openfiles(nlistf, memf, swapf, O_RDONLY, errbuf);
 	if (kd == 0)
diff --git a/bin/rcp/rcp.c b/bin/rcp/rcp.c
index c2383c34fa2..39112c5d95f 100644
--- a/bin/rcp/rcp.c
+++ b/bin/rcp/rcp.c
@@ -1,5 +1,5 @@
 /*	$NetBSD: rcp.c,v 1.9 1995/03/21 08:19:06 cgd Exp $	*/
-/*	$OpenBSD: rcp.c,v 1.7 1996/12/14 12:18:13 mickey Exp $	*/
+/*	$OpenBSD: rcp.c,v 1.8 1996/12/22 02:57:51 tholo Exp $	*/
 
 /*
  * Copyright (c) 1983, 1990, 1992, 1993
@@ -189,12 +189,14 @@ main(argc, argv)
 
 	if (fflag) {			/* Follow "protocol", send data. */
 		(void)response();
+		(void)seteuid(userid);
 		(void)setuid(userid);
 		source(argc, argv);
 		exit(errs);
 	}
 
 	if (tflag) {			/* Receive data. */
+		(void)seteuid(userid);
 		(void)setuid(userid);
 		sink(argc, argv);
 		exit(errs);
@@ -313,6 +315,7 @@ toremote(targ, argc, argv)
 				if (response() < 0)
 					exit(1);
 				(void)free(bp);
+				(void)seteuid(userid);
 				(void)setuid(userid);
 			}
 			source(1, argv+i);
diff --git a/bin/rcp/util.c b/bin/rcp/util.c
index aebe3b257ca..eeeaeac31ad 100644
--- a/bin/rcp/util.c
+++ b/bin/rcp/util.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: util.c,v 1.3 1996/09/03 09:35:31 deraadt Exp $	*/
+/*	$OpenBSD: util.c,v 1.4 1996/12/22 02:57:52 tholo Exp $	*/
 /*	$NetBSD: util.c,v 1.2 1995/03/21 08:19:08 cgd Exp $	*/
 
 /*-
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)util.c	8.2 (Berkeley) 4/2/94";
 #else
-static char rcsid[] = "$OpenBSD: util.c,v 1.3 1996/09/03 09:35:31 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: util.c,v 1.4 1996/12/22 02:57:52 tholo Exp $";
 #endif
 #endif /* not lint */
 
@@ -122,6 +122,7 @@ susystem(s, userid)
 		return (127);
 	
 	case 0:
+		(void)seteuid(userid);
 		(void)setuid(userid);
 		execl(_PATH_BSHELL, "sh", "-c", s, NULL);
 		_exit(127);