src - OpenBSD base system

diff options


context:
space:
mode:

author	Nicholas Marriott <nicm@cvs.openbsd.org>	2009-12-12 18:14:01 +0000
committer	Nicholas Marriott <nicm@cvs.openbsd.org>	2009-12-12 18:14:01 +0000
commit	86582b11f5515b146106b5a05478a05e995c44a6 (patch)
tree	95696c86808bf95012c21f0b59b5d9f48d4bfbeb /usr.bin
parent	498498ae2c82c07d5e9ffb9b89d6223df241b667 (diff)

tip is not setuid or setgid anymore and there are no PRIV/EXPR commands, so

remove the code. ok deraadt

Diffstat (limited to 'usr.bin')

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

5 files changed, 23 insertions, 99 deletions

diff --git a/usr.bin/tip/cmds.c b/usr.bin/tip/cmds.c
index f96b2962bf2..af8ffdceaa3 100644
--- a/usr.bin/tip/cmds.c
+++ b/usr.bin/tip/cmds.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cmds.c,v 1.29 2009/12/12 13:38:09 nicm Exp $ */

+/* $OpenBSD: cmds.c,v 1.30 2009/12/12 18:13:59 nicm Exp $ */

/* $NetBSD: cmds.c,v 1.7 1997/02/11 09:24:03 mrg Exp $ */

@@ -588,7 +588,6 @@ shell(int c)

cp = value(SHELL);

else

cp++;

- shell_uid();

execl(value(SHELL), cp, (char *)NULL);

printf("\r\ncan't execl!\r\n");

exit(1);

@@ -650,7 +649,6 @@ tipabort(char *msg)

if (msg != NULL)

printf("\r\n%s", msg);

printf("\r\n[EOT]\r\n");

- daemon_uid();

(void)uu_unlock(uucplock);

unraw();

exit(0);

@@ -687,7 +685,6 @@ execute(char *s)

cp = value(SHELL);

else

cp++;

- shell_uid();

execl(value(SHELL), cp, "-c", s, (char *)NULL);

}

@@ -925,7 +922,6 @@ expand(char name[])

dup(pivec[1]);

close(pivec[1]);

close(2);

- shell_uid();

execl(Shell, Shell, "-c", cmdbuf, (char *)NULL);

_exit(1);

}

diff --git a/usr.bin/tip/cmdtab.c b/usr.bin/tip/cmdtab.c
index d33f48e5868..7276df62579 100644
--- a/usr.bin/tip/cmdtab.c
+++ b/usr.bin/tip/cmdtab.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cmdtab.c,v 1.8 2009/10/27 23:59:44 deraadt Exp $ */

+/* $OpenBSD: cmdtab.c,v 1.9 2009/12/12 18:14:00 nicm Exp $ */

/* $NetBSD: cmdtab.c,v 1.3 1994/12/08 09:30:46 jtc Exp $ */

@@ -33,24 +33,24 @@

#include "tip.h"

esctable_t etable[] = {

- { '!', NORM, "shell", shell },

- { '<', NORM, "receive file from remote host", getfl },

- { '>', NORM, "send file to remote host", sendfile },

- { 't', NORM, "take file from remote UNIX", cu_take },

- { 'p', NORM, "put file to remote UNIX", cu_put },

- { '|', NORM, "pipe remote file", pipefile },

- { '$', NORM, "pipe local command to remote host", pipeout },

+ { '!', "shell", shell },

+ { '<', "receive file from remote host", getfl },

+ { '>', "send file to remote host", sendfile },

+ { 't', "take file from remote UNIX", cu_take },

+ { 'p', "put file to remote UNIX", cu_put },

+ { '|', "pipe remote file", pipefile },

+ { '$', "pipe local command to remote host", pipeout },

#ifdef CONNECT

- { 'C', NORM, "connect program to remote host",consh },

+ { 'C', "connect program to remote host", consh },

#endif

- { 'c', NORM, "change directory", chdirectory },

- { '.', NORM, "exit from tip", finish },

- {CTRL('d'),NORM,"exit from tip", finish },

- {CTRL('y'),NORM,"suspend tip (local+remote)", suspend },

- {CTRL('z'),NORM,"suspend tip (local only)", suspend },

- { 's', NORM, "set variable", variable },

- { 'v', NORM, "list variables", listvariables },

- { '?', NORM, "get this summary", help },

- { '#', NORM, "send break", genbrk },

+ { 'c', "change directory", chdirectory },

+ { '.', "exit from tip", finish },

+ { CTRL('d'), "exit from tip", finish },

+ { CTRL('y'), "suspend tip (local+remote)", suspend },

+ { CTRL('z'), "suspend tip (local only)", suspend },

+ { 's', "set variable", variable },

+ { 'v', "list variables", listvariables },

+ { '?', "get this summary", help },

+ { '#', "send break", genbrk },

{ 0, 0, 0 }

};

diff --git a/usr.bin/tip/cu.c b/usr.bin/tip/cu.c
index 5c3fb1cc752..d8f12e11faf 100644
--- a/usr.bin/tip/cu.c
+++ b/usr.bin/tip/cu.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cu.c,v 1.24 2009/10/27 23:59:44 deraadt Exp $ */

+/* $OpenBSD: cu.c,v 1.25 2009/12/12 18:14:00 nicm Exp $ */

/* $NetBSD: cu.c,v 1.5 1997/02/11 09:24:05 mrg Exp $ */

@@ -165,7 +165,6 @@ getopt:

}

setbuf(stdout, NULL);

loginit();

- user_uid();

vinit();

switch (parity) {

case -1:

@@ -182,20 +181,17 @@ getopt:

if (HW && ttysetup(BR)) {

fprintf(stderr, "%s: unsupported speed %ld\n",

__progname, BR);

- daemon_uid();

(void)uu_unlock(uucplock);

exit(3);

}

if (con()) {

printf("Connect failed\n");

- daemon_uid();

(void)uu_unlock(uucplock);

exit(1);

}

if (!HW && ttysetup(BR)) {

fprintf(stderr, "%s: unsupported speed %ld\n",

__progname, BR);

- daemon_uid();

(void)uu_unlock(uucplock);

exit(3);

}

diff --git a/usr.bin/tip/tip.c b/usr.bin/tip/tip.c
index b5ef3dd5118..5b22763c85d 100644
--- a/usr.bin/tip/tip.c
+++ b/usr.bin/tip/tip.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: tip.c,v 1.36 2009/12/12 13:38:09 nicm Exp $ */

+/* $OpenBSD: tip.c,v 1.37 2009/12/12 18:14:00 nicm Exp $ */

/* $NetBSD: tip.c,v 1.13 1997/04/20 00:03:05 mellon Exp $ */

@@ -59,10 +59,6 @@ main(int argc, char *argv[])

/* XXX preserve previous braindamaged behavior */

setboolean(value(DC), TRUE);

- gid = getgid();

- egid = getegid();

- uid = getuid();

- euid = geteuid();

if (equal(__progname, "cu")) {

cumode = 1;

cumain(argc, argv);

@@ -144,15 +140,6 @@ notnumber:

loginit();

- * Now that we have the logfile and the ACU open

- * return to the real uid and gid. These things will

- * be closed on exit. Swap real and effective uid's

- * so we can get the original permissions back

- * for removing the uucp lock.

- */

- user_uid();

- /*

* Kludge, their's no easy way to get the initialization

* in the right order, so force it here

@@ -169,20 +156,17 @@ notnumber:

if (HW && ttysetup(number(value(BAUDRATE)))) {

fprintf(stderr, "%s: bad baud rate %ld\n", __progname,

number(value(BAUDRATE)));

- daemon_uid();

(void)uu_unlock(uucplock);

exit(3);

}

if ((p = con())) {

printf("\07%s\n[EOT]\n", p);

- daemon_uid();

(void)uu_unlock(uucplock);

exit(1);

}

if (!HW && ttysetup(number(value(BAUDRATE)))) {

fprintf(stderr, "%s: bad baud rate %ld\n", __progname,

number(value(BAUDRATE)));

- daemon_uid();

(void)uu_unlock(uucplock);

exit(3);

}

@@ -260,7 +244,6 @@ cucommon:

void

cleanup(int signo)

{

- daemon_uid();

(void)uu_unlock(uucplock);

if (odisc)

ioctl(0, TIOCSETD, &odisc);

@@ -273,42 +256,6 @@ cleanup(int signo)

}

- * Muck with user ID's. We are setuid to the owner of the lock

- * directory when we start. user_uid() reverses real and effective

- * ID's after startup, to run with the user's permissions.

- * daemon_uid() switches back to the privileged uid for unlocking.

- * Finally, to avoid running a shell with the wrong real uid,

- * shell_uid() sets real and effective uid's to the user's real ID.

- */

-static int uidswapped;

-void

-user_uid(void)

- if (uidswapped == 0) {

- seteuid(uid);

- uidswapped = 1;

- }

-void

-daemon_uid(void)

- if (uidswapped) {

- seteuid(euid);

- uidswapped = 0;

- }

-void

-shell_uid(void)

- setegid(gid);

- seteuid(uid);

-/*

* put the controlling keyboard into raw mode

void

@@ -440,8 +387,6 @@ escape(void)

/* XXX does not check for EOF */

for (p = etable; p->e_char; p++)

if (p->e_char == gch) {

- if ((p->e_flags&PRIV) && uid)

- continue;

printf("%s", ctrl(c));

(*p->e_func)(gch);

return (0);

@@ -523,11 +468,8 @@ help(int c)

printf("%c\r\n", c);

for (p = etable; p->e_char; p++) {

- if ((p->e_flags&PRIV) && uid)

- continue;

printf("%2s", ctrl(character(value(ESCAPE))));

- printf("%-2s %c %s\r\n", ctrl(p->e_char),

- p->e_flags&EXP ? '*': ' ', p->e_help);

+ printf("%-2s %s\r\n", ctrl(p->e_char), p->e_help);

}

diff --git a/usr.bin/tip/tip.h b/usr.bin/tip/tip.h
index be050df3749..055c2ce0d7a 100644
--- a/usr.bin/tip/tip.h
+++ b/usr.bin/tip/tip.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: tip.h,v 1.32 2009/12/12 13:38:09 nicm Exp $ */

+/* $OpenBSD: tip.h,v 1.33 2009/12/12 18:14:00 nicm Exp $ */

/* $NetBSD: tip.h,v 1.7 1997/04/20 00:02:46 mellon Exp $ */

@@ -168,16 +168,11 @@ typedef

typedef

struct {

char e_char; /* char to match on */

- char e_flags; /* experimental, privileged */

char *e_help; /* help string */

void (*e_func)(int); /* command */

}

esctable_t;

-#define NORM 00 /* normal protection, execute anyone */

-#define EXP 01 /* experimental, mark it with a `*' on help */

-#define PRIV 02 /* privileged, root execute only */

extern int vflag; /* verbose during reading of .tiprc file */

extern int noesc; /* no escape `~' char */

extern value_t vtable[]; /* variable table */

@@ -245,8 +240,6 @@ pid_t tipin_pid; /* pid of tipin */

int tipin_fd; /* tipin side of socketpair */

pid_t tipout_pid; /* pid of tipout */

int tipout_fd; /* tipout side of socketpair */

-uid_t uid, euid; /* real and effective user id's */

-gid_t gid, egid; /* real and effective group id's */

volatile sig_atomic_t stop; /* stop transfer session flag */

volatile sig_atomic_t quit; /* same; but on other end */

volatile sig_atomic_t stoprompt;/* for interrupting a prompt session */

@@ -303,7 +296,6 @@ void cour_disconnect(void);

void cu_put(int);

void cu_take(int);

void cumain(int, char **);

-void daemon_uid(void);

void df_abort(void);

void df_disconnect(void);

void disconnect(char *);

@@ -326,14 +318,12 @@ void sendfile(int);

void setparity(char *);

void setscript(void);

void shell(int);

-void shell_uid(void);

void suspend(int);

void t3000_disconnect(void);

void t3000_abort(void);

void timeout(int);

void tipabort(char *);

void tipout(void);

-void user_uid(void);

void unraw(void);

void v3451_abort(void);

void v3451_disconnect(void);