diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-18 19:07:28 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-18 19:07:28 +0000 |
| commit | 5ccde282dd76a373893304c6c650e3a68ec912ca (patch) | |
| tree | 9c93dcb9ff3c59e4553551e01aa0809edf5be022 /lib/libc/net | |
| parent | 90b9c9d4e0e6266778e0962784c954121db43636 (diff) | |
if setuid, no env variables
Diffstat (limited to 'lib/libc/net')
| -rw-r--r-- | lib/libc/net/res_init.c | 5 | ||||
| -rw-r--r-- | lib/libc/net/res_query.c | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/lib/libc/net/res_init.c b/lib/libc/net/res_init.c index ff8e1b1e5e6..2a1f4542507 100644 --- a/lib/libc/net/res_init.c +++ b/lib/libc/net/res_init.c @@ -121,6 +121,7 @@ res_init() int nsort = 0; int dots; u_long mask; + int notsuid = (getuid() == geteuid()); _res.nsaddr.sin_len = sizeof(struct sockaddr_in); _res.nsaddr.sin_family = AF_INET; @@ -136,7 +137,7 @@ res_init() strncpy(_res.lookups, "f", sizeof _res.lookups); /* Allow user to override the local domain definition */ - if ((cp = getenv("LOCALDOMAIN")) != NULL) { + if (notsuid && (cp = getenv("LOCALDOMAIN")) != NULL) { (void)strncpy(_res.defdname, cp, sizeof(_res.defdname) - 1); if ((cp = strpbrk(_res.defdname, " \t\n")) != NULL) *cp = '\0'; @@ -340,7 +341,7 @@ res_init() #endif } - if ((cp = getenv("RES_OPTIONS")) != NULL) + if (notsuid && (cp = getenv("RES_OPTIONS")) != NULL) res_setoptions(cp, "env"); _res.options |= RES_INIT; return (0); diff --git a/lib/libc/net/res_query.c b/lib/libc/net/res_query.c index 81c4d3194d3..61b6cb35c9b 100644 --- a/lib/libc/net/res_query.c +++ b/lib/libc/net/res_query.c @@ -368,6 +368,8 @@ __hostalias(name) if (_res.options & RES_NOALIASES) return (NULL); + if (getuid() != setuid()) + return (NULL); file = getenv("HOSTALIASES"); if (file == NULL || (fp = fopen(file, "r")) == NULL) return (NULL); |