diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-07-23 10:31:29 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-07-23 10:31:29 +0000 |
| commit | 5740a64046bbc3d976589eabe913efacb653fd48 (patch) | |
| tree | 9660adcef062891a478421b6c2d7a7083bc05fbb /sbin | |
| parent | 756ce2f0953ebbdd452295be27cb68e354b2f9c3 (diff) | |
ptrace is safe; limit preload to root
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/ping/ping.8 | 4 | ||||
| -rw-r--r-- | sbin/ping/ping.c | 22 |
2 files changed, 15 insertions, 11 deletions
diff --git a/sbin/ping/ping.8 b/sbin/ping/ping.8 index 58c75b7af4d..ddda81edf5b 100644 --- a/sbin/ping/ping.8 +++ b/sbin/ping/ping.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ping.8,v 1.4 1996/06/23 14:32:02 deraadt Exp $ +.\" $OpenBSD: ping.8,v 1.5 1996/07/23 10:31:27 deraadt Exp $ .\" $NetBSD: ping.8,v 1.10 1995/12/31 04:55:35 ghudson Exp $ .\" .\" Copyright (c) 1985, 1991, 1993 @@ -119,7 +119,7 @@ If is specified, .Nm ping sends that many packets as fast as possible before falling into its normal -mode of behavior. +mode of behavior. Only root may set a preload value. .It Fl n Numeric output only. No attempt will be made to lookup symbolic names for host addresses. diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index 49c0a225354..3eac8259be3 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ping.c,v 1.6 1996/07/23 08:36:44 deraadt Exp $ */ +/* $OpenBSD: ping.c,v 1.7 1996/07/23 10:31:28 deraadt Exp $ */ /* $NetBSD: ping.c,v 1.20 1995/08/11 22:37:58 cgd Exp $ */ /* @@ -47,7 +47,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; #else -static char rcsid[] = "$OpenBSD: ping.c,v 1.6 1996/07/23 08:36:44 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: ping.c,v 1.7 1996/07/23 10:31:28 deraadt Exp $"; #endif #endif /* not lint */ @@ -182,7 +182,7 @@ main(argc, argv) struct protoent *proto; struct in_addr saddr; register int i; - int ch, fdmask, hold, packlen, preload; + int ch, fdmask, hold = 1, packlen, preload; u_char *datap, *packet; char *target, hnamebuf[MAXHOSTNAMELEN]; u_char ttl = MAXTTL, loop = 1, df = 0; @@ -191,6 +191,14 @@ main(argc, argv) char rspace[3 + 4 * NROUTES + 1]; /* record route space */ #endif + if (!(proto = getprotobyname("icmp"))) + errx(1, "unknown protocol icmp"); + if ((s = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0) + err(1, "socket"); + + /* revoke privs */ + setuid(getuid()); + preload = 0; datap = &outpack[8 + sizeof(struct timeval)]; while ((ch = getopt(argc, argv, "DI:LRS:c:dfh:i:l:np:qrs:T:t:vw:")) != EOF) @@ -235,6 +243,8 @@ main(argc, argv) loop = 0; break; case 'l': + if (getuid() != 0) + errx(1, "must be root to specify preload"); preload = strtol(optarg, NULL, 0); if (preload < 0) errx(1, "bad preload value: %s", optarg); @@ -324,12 +334,6 @@ main(argc, argv) ident = getpid() & 0xFFFF; - if (!(proto = getprotobyname("icmp"))) - errx(1, "unknown protocol icmp"); - if ((s = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0) - err(1, "socket"); - hold = 1; - if (options & F_SADDR) { if (IN_MULTICAST(ntohl(to->sin_addr.s_addr))) moptions |= MULTICAST_IF; |