diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2005-05-03 05:44:36 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2005-05-03 05:44:36 +0000 |
| commit | 3cfd5c82fb4a8cd553756bb8354ce3b91327726d (patch) | |
| tree | f3e55f091971ad16d65095ca73bb935a5963793c /usr.sbin/syslogd | |
| parent | ccea40a793d4d704e3b9ed9dc47d3160081ee0b0 (diff) | |
setres[ug]id; ok deraadt@
Diffstat (limited to 'usr.sbin/syslogd')
| -rw-r--r-- | usr.sbin/syslogd/privsep.c | 19 |
1 files changed, 6 insertions, 13 deletions
diff --git a/usr.sbin/syslogd/privsep.c b/usr.sbin/syslogd/privsep.c index 927e2d5cb16..6e1f90804d2 100644 --- a/usr.sbin/syslogd/privsep.c +++ b/usr.sbin/syslogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.23 2004/09/14 23:41:29 deraadt Exp $ */ +/* $OpenBSD: privsep.c,v 1.24 2005/05/03 05:44:35 djm Exp $ */ /* * Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org> @@ -123,25 +123,18 @@ priv_init(char *conf, int numeric, int lockfd, int nullfd, char *argv[]) err(1, "fork() failed"); if (!child_pid) { - gid_t gidset[1]; - /* Child - drop privileges and return */ if (chroot(pw->pw_dir) != 0) err(1, "unable to chroot"); if (chdir("/") != 0) err(1, "unable to chdir"); - gidset[0] = pw->pw_gid; - if (setgroups(1, gidset) == -1) + if (setgroups(1, &pw->pw_gid) == -1) err(1, "setgroups() failed"); - if (setegid(pw->pw_gid) == -1) - err(1, "setegid() failed"); - if (setgid(pw->pw_gid) == -1) - err(1, "setgid() failed"); - if (seteuid(pw->pw_uid) == -1) - err(1, "seteuid() failed"); - if (setuid(pw->pw_uid) == -1) - err(1, "setuid() failed"); + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) + err(1, "setresgid() failed"); + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + err(1, "setresuid() failed"); close(socks[0]); priv_fd = socks[1]; return 0; |