diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2006-03-06 10:45:58 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2006-03-06 10:45:58 +0000 |
| commit | bc2cb0af87ca7084b9523e760d68aad4217276f8 (patch) | |
| tree | 61c35eb64e2d68f77ce6b3ce477f0c18eea079fd /sbin/pflogd/privsep.c | |
| parent | 5803ed8cfde384a9de032eaa23f79772700350bd (diff) | |
convert permanent privilege revocation to use setresuid/setresgid;
ok henning@
Diffstat (limited to 'sbin/pflogd/privsep.c')
| -rw-r--r-- | sbin/pflogd/privsep.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/sbin/pflogd/privsep.c b/sbin/pflogd/privsep.c index 66734ee2857..f1272eb4b33 100644 --- a/sbin/pflogd/privsep.c +++ b/sbin/pflogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.14 2006/01/15 16:38:04 canacar Exp $ */ +/* $OpenBSD: privsep.c,v 1.15 2006/03/06 10:45:56 djm Exp $ */ /* * Copyright (c) 2003 Can Erkin Acar @@ -98,16 +98,12 @@ priv_init(void) err(1, "unable to chdir"); gidset[0] = pw->pw_gid; + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) + err(1, "setresgid() failed"); if (setgroups(1, gidset) == -1) err(1, "setgroups() failed"); - if (setegid(pw->pw_gid) == -1) - err(1, "setegid() failed"); - if (setgid(pw->pw_gid) == -1) - err(1, "setgid() failed"); - if (seteuid(pw->pw_uid) == -1) - err(1, "seteuid() failed"); - if (setuid(pw->pw_uid) == -1) - err(1, "setuid() failed"); + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + err(1, "setresuid() failed"); close(socks[0]); priv_fd = socks[1]; return 0; |