summaryrefslogtreecommitdiff
path: root/usr.bin/sup
diff options
context:
space:
mode:
authorThorsten Lockert <tholo@cvs.openbsd.org>1996-12-22 03:26:11 +0000
committerThorsten Lockert <tholo@cvs.openbsd.org>1996-12-22 03:26:11 +0000
commitb9e51bce4b9f1693731b39bfbb2873af2e60d83c (patch)
tree9844363957c023a88374765f72c1a49440395ac5 /usr.bin/sup
parenta34740287ce7a6f408b47749029e29e62a63724d (diff)
Deal with _POSIX_SAVED_IDS when relinquishing privileges
Diffstat (limited to 'usr.bin/sup')
-rw-r--r--usr.bin/sup/src/run.c7
-rw-r--r--usr.bin/sup/src/supfilesrv.c13
2 files changed, 18 insertions, 2 deletions
diff --git a/usr.bin/sup/src/run.c b/usr.bin/sup/src/run.c
index ec11f15a613..995ebf5f158 100644
--- a/usr.bin/sup/src/run.c
+++ b/usr.bin/sup/src/run.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: run.c,v 1.2 1996/06/26 05:39:45 deraadt Exp $ */
+/* $OpenBSD: run.c,v 1.3 1996/12/22 03:26:04 tholo Exp $ */
/*
* Copyright (c) 1991 Carnegie Mellon University
@@ -50,6 +50,9 @@
**********************************************************************
* HISTORY
* $Log: run.c,v $
+ * Revision 1.3 1996/12/22 03:26:04 tholo
+ * Deal with _POSIX_SAVED_IDS when relinquishing privileges
+ *
* Revision 1.2 1996/06/26 05:39:45 deraadt
* rcsid
*
@@ -170,7 +173,9 @@ int usepath;
return(-1); /* no more process's, so exit with error */
if (pid == 0) { /* child process */
+ setegid (getgid());
setgid (getgid());
+ seteuid (getuid());
setuid (getuid());
(*execrtn) (name,argv);
fprintf (stderr,"run: can't exec %s\n",name);
diff --git a/usr.bin/sup/src/supfilesrv.c b/usr.bin/sup/src/supfilesrv.c
index 60ad85401a2..c052fffa03b 100644
--- a/usr.bin/sup/src/supfilesrv.c
+++ b/usr.bin/sup/src/supfilesrv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: supfilesrv.c,v 1.4 1996/07/31 11:11:31 niklas Exp $ */
+/* $OpenBSD: supfilesrv.c,v 1.5 1996/12/22 03:26:05 tholo Exp $ */
/*
* Copyright (c) 1992 Carnegie Mellon University
@@ -44,6 +44,9 @@
* across the network to save BandWidth
*
* $Log: supfilesrv.c,v $
+ * Revision 1.5 1996/12/22 03:26:05 tholo
+ * Deal with _POSIX_SAVED_IDS when relinquishing privileges
+ *
* Revision 1.4 1996/07/31 11:11:31 niklas
* Better use time_t instead of long when dealing with times
*
@@ -1647,15 +1650,23 @@ int fileuid,filegid;
#if CMUCS
if (setgroups (grps[0], &grps[1]) < 0)
logerr ("setgroups: %%m");
+ if (setegid ((gid_t)grp->gr_gid) < 0)
+ logerr ("setegid: %%m");
if (setgid ((gid_t)grp->gr_gid) < 0)
logerr ("setgid: %%m");
+ if (seteuid ((uid_t)pwd->pw_uid) < 0)
+ logerr ("seteuid: %%m");
if (setuid ((uid_t)pwd->pw_uid) < 0)
logerr ("setuid: %%m");
#else /* CMUCS */
if (initgroups (pwd->pw_name,pwd->pw_gid) < 0)
return("Error setting group list");
+ if (setegid (pwd->pw_gid) < 0)
+ logerr ("setegid: %%m");
if (setgid (pwd->pw_gid) < 0)
logerr ("setgid: %%m");
+ if (seteuid (pwd->pw_uid) < 0)
+ logerr ("seteuid: %%m");
if (setuid (pwd->pw_uid) < 0)
logerr ("setuid: %%m");
#endif /* CMUCS */