From 70c40d4148538a0444178303422a373e2fe2d0c7 Mon Sep 17 00:00:00 2001
From: bitblt <bitblt@cvs.openbsd.org>
Date: Tue, 25 Mar 1997 21:51:46 +0000
Subject: config file paranoia

---
 kerberosIV/krb/get_admhst.c | 4 +++-
 kerberosIV/krb/get_krbhst.c | 4 +++-
 kerberosIV/krb/get_krbrlm.c | 4 +++-
 kerberosIV/krb/getrealm.c   | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/kerberosIV/krb/get_admhst.c b/kerberosIV/krb/get_admhst.c
index 348f6037336..59d11450829 100644
--- a/kerberosIV/krb/get_admhst.c
+++ b/kerberosIV/krb/get_admhst.c
@@ -63,7 +63,9 @@ krb_get_admhst(h, r, n)
 
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+        if (issetugid() == 0)
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/get_krbhst.c b/kerberosIV/krb/get_krbhst.c
index 54729309fdf..0dd0eb96ba1 100644
--- a/kerberosIV/krb/get_krbhst.c
+++ b/kerberosIV/krb/get_krbhst.c
@@ -71,7 +71,9 @@ krb_get_krbhst(h, r, n)
 
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+	if (issetugid() == 0)
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/get_krbrlm.c b/kerberosIV/krb/get_krbrlm.c
index ee4a06efdb1..ff9f0ebc532 100644
--- a/kerberosIV/krb/get_krbrlm.c
+++ b/kerberosIV/krb/get_krbrlm.c
@@ -54,7 +54,9 @@ krb_get_lrealm(r, n)
 
     if ((cnffile = fopen(KRB_CONF, "r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+	if (issetugid() == 0) 
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/getrealm.c b/kerberosIV/krb/getrealm.c
index 45ab920d575..7d303287d60 100644
--- a/kerberosIV/krb/getrealm.c
+++ b/kerberosIV/krb/getrealm.c
@@ -82,7 +82,9 @@ krb_realmofhost(host)
 
 	if ((trans_file = fopen(KRB_RLM_TRANS, "r")) == (FILE *) 0) {
 	        char tbuf[128];
-		char *tdir = (char *) getenv("KRBCONFDIR");
+		char *tdir = NULL;
+		if (issetugid() == 0) 
+			tdir = (char *) getenv("KRBCONFDIR");
 		strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
 		tbuf[sizeof(tbuf)-1] = '\0';
 		strncat(tbuf, "/krb.realms", sizeof(tbuf) - strlen(tbuf));
-- 
cgit v1.2.3