diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-06-08 01:53:44 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-06-08 01:53:44 +0000 |
| commit | 16c2ffab14daba8ec85369749a7f5da0849d2d55 (patch) | |
| tree | 913bd4afb3022d2751aea865e7a9a0c6d046fff1 /usr.sbin/lpr/lpq | |
| parent | f1da2a2b8fda92ebc29cd063f882352d44750caf (diff) | |
Remove setuid root from lp*. lpr needs to be setuid daemon so the
files it creates are not owned by the user spooling them but the
others (lpc, lpq, lprm) can get away with setgid daemon. lpd runs
as user daemon for most things, only changing its uid to 0 for
things that must be done as root.
For the time being, don't require connections to come from a reserved
port since lpq/lpr/lprm can't acquire that w/o setuid root. In the
near future we will have a mechanism for select non-root processes
to grab reserved ports.
The upshot of this is that spool directories must be writable by
group daemon and the files within the spool dirs must be owned by
daemon.
Diffstat (limited to 'usr.sbin/lpr/lpq')
| -rw-r--r-- | usr.sbin/lpr/lpq/Makefile | 5 | ||||
| -rw-r--r-- | usr.sbin/lpr/lpq/lpq.c | 14 |
2 files changed, 11 insertions, 8 deletions
diff --git a/usr.sbin/lpr/lpq/Makefile b/usr.sbin/lpr/lpq/Makefile index 79e229243dd..dcf9ec818a7 100644 --- a/usr.sbin/lpr/lpq/Makefile +++ b/usr.sbin/lpr/lpq/Makefile @@ -1,12 +1,11 @@ # from: @(#)Makefile 8.1 (Berkeley) 6/6/93 -# $OpenBSD: Makefile,v 1.3 2002/05/20 23:13:50 millert Exp $ +# $OpenBSD: Makefile,v 1.4 2002/06/08 01:53:43 millert Exp $ PROG= lpq CFLAGS+=-I${.CURDIR}/../common_source SRCS= lpq.c displayq.c common.c common_vars.c -BINOWN= root BINGRP= daemon -BINMODE=6555 +BINMODE=2555 BINDIR= /usr/bin .PATH: ${.CURDIR}/../common_source diff --git a/usr.sbin/lpr/lpq/lpq.c b/usr.sbin/lpr/lpq/lpq.c index bc90790276d..1ca80fdd1cb 100644 --- a/usr.sbin/lpr/lpq/lpq.c +++ b/usr.sbin/lpr/lpq/lpq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lpq.c,v 1.12 2002/05/20 23:13:50 millert Exp $ */ +/* $OpenBSD: lpq.c,v 1.13 2002/06/08 01:53:43 millert Exp $ */ /* $NetBSD: lpq.c,v 1.9 1999/12/07 14:54:47 mrg Exp $ */ /* @@ -45,7 +45,7 @@ static const char copyright[] = #if 0 static const char sccsid[] = "@(#)lpq.c 8.3 (Berkeley) 5/10/95"; #else -static const char rcsid[] = "$OpenBSD: lpq.c,v 1.12 2002/05/20 23:13:50 millert Exp $"; +static const char rcsid[] = "$OpenBSD: lpq.c,v 1.13 2002/06/08 01:53:43 millert Exp $"; #endif #endif /* not lint */ @@ -64,6 +64,7 @@ static const char rcsid[] = "$OpenBSD: lpq.c,v 1.12 2002/05/20 23:13:50 millert #include <ctype.h> #include <dirent.h> #include <err.h> +#include <errno.h> #include <unistd.h> #include <stdlib.h> #include <stdio.h> @@ -90,9 +91,11 @@ main(int argc, char **argv) char *buf, *cp; long l; - euid = geteuid(); - uid = getuid(); - seteuid(uid); + effective_uid = geteuid(); + real_uid = getuid(); + effective_gid = getegid(); + real_gid = getgid(); + PRIV_END; /* be safe */ if (gethostname(host, sizeof(host)) != 0) err(1, "gethostname"); @@ -162,6 +165,7 @@ main(int argc, char **argv) exit(0); } +/* XXX - could be common w/ lpd */ static int ckqueue(char *cap) { |