diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2014-04-01 02:16:38 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2014-04-01 02:16:38 +0000 |
| commit | 17932ead16c61151eda168cd52ed6bea3e19df1f (patch) | |
| tree | b43628a60bcc7a64d5725c63fe11f0afe71f08f5 /lib/libc | |
| parent | c334b28a537e9820761362052144a59adc803112 (diff) | |
Use setresuid() and setresgid(). OK guenther@ deraadt@
Diffstat (limited to 'lib/libc')
| -rw-r--r-- | lib/libc/gen/login_cap.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/libc/gen/login_cap.c b/lib/libc/gen/login_cap.c index 1b527ca5be3..c6b5984f5e0 100644 --- a/lib/libc/gen/login_cap.c +++ b/lib/libc/gen/login_cap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_cap.c,v 1.29 2008/10/02 16:01:58 millert Exp $ */ +/* $OpenBSD: login_cap.c,v 1.30 2014/04/01 02:16:37 millert Exp $ */ /* * Copyright (c) 2000-2004 Todd C. Miller <Todd.Miller@courtesan.com> @@ -632,15 +632,16 @@ setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, u_int flags) } if (flags & LOGIN_SETGROUP) { - if (setgid(pwd->pw_gid) < 0) { - syslog(LOG_ERR, "setgid(%u): %m", (u_int)pwd->pw_gid); + if (setresgid(pwd->pw_gid, pwd->pw_gid, pwd->pw_gid) < 0) { + syslog(LOG_ERR, "setresgid(%u,%u,%u): %m", + pwd->pw_gid, pwd->pw_gid, pwd->pw_gid); login_close(flc); return (-1); } if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) { syslog(LOG_ERR, "initgroups(%s,%u): %m", - pwd->pw_name, (u_int)pwd->pw_gid); + pwd->pw_name, pwd->pw_gid); login_close(flc); return (-1); } @@ -655,9 +656,9 @@ setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, u_int flags) } if (flags & LOGIN_SETUSER) { - (void) seteuid(uid); /* just in case */ - if (setuid(uid) < 0) { - syslog(LOG_ERR, "setuid(%u): %m", uid); + if (setresuid(uid, uid, uid) < 0) { + syslog(LOG_ERR, "setresuid(%u,%u,%u): %m", + uid, uid, uid); login_close(flc); return (-1); } |