From 86582b11f5515b146106b5a05478a05e995c44a6 Mon Sep 17 00:00:00 2001
From: Nicholas Marriott
Date: Sat, 12 Dec 2009 18:14:01 +0000
Subject: tip is not setuid or setgid anymore and there are no PRIV/EXPR commands, so remove the code. ok deraadt
---
 usr.bin/tip/cmds.c | 6 +----
 usr.bin/tip/cmdtab.c | 36 +++++++++++++++---------------
 usr.bin/tip/cu.c | 6 +----
 usr.bin/tip/tip.c | 62 ++--------------------------------------------------
 usr.bin/tip/tip.h | 12 +---------
 5 files changed, 23 insertions(+), 99 deletions(-)
(limited to 'usr.bin')
diff --git a/usr.bin/tip/cmds.c b/usr.bin/tip/cmds.c
index f96b2962bf2..af8ffdceaa3 100644
--- a/usr.bin/tip/cmds.c
+++ b/usr.bin/tip/cmds.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cmds.c,v 1.29 2009/12/12 13:38:09 nicm Exp $ */
+/* $OpenBSD: cmds.c,v 1.30 2009/12/12 18:13:59 nicm Exp $ */
 /* $NetBSD: cmds.c,v 1.7 1997/02/11 09:24:03 mrg Exp $ */
 /*
@@ -588,7 +588,6 @@ shell(int c)
 cp = value(SHELL);
 else
 cp++;
- shell_uid();
 execl(value(SHELL), cp, (char *)NULL);
 printf("\r\ncan't execl!\r\n");
 exit(1);
@@ -650,7 +649,6 @@ tipabort(char *msg)
 if (msg != NULL)
 printf("\r\n%s", msg);
 printf("\r\n[EOT]\r\n");
- daemon_uid();
 (void)uu_unlock(uucplock);
 unraw();
 exit(0);
@@ -687,7 +685,6 @@ execute(char *s)
 cp = value(SHELL);
 else
 cp++;
- shell_uid();
 execl(value(SHELL), cp, "-c", s, (char *)NULL);
 }
@@ -925,7 +922,6 @@ expand(char name[])
 dup(pivec[1]);
 close(pivec[1]);
 close(2);
- shell_uid();
 execl(Shell, Shell, "-c", cmdbuf, (char *)NULL);
 _exit(1);
 }
diff --git a/usr.bin/tip/cmdtab.c b/usr.bin/tip/cmdtab.c
index d33f48e5868..7276df62579 100644
--- a/usr.bin/tip/cmdtab.c
+++ b/usr.bin/tip/cmdtab.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cmdtab.c,v 1.8 2009/10/27 23:59:44 deraadt Exp $ */
+/* $OpenBSD: cmdtab.c,v 1.9 2009/12/12 18:14:00 nicm Exp $ */
 /* $NetBSD: cmdtab.c,v 1.3 1994/12/08 09:30:46 jtc Exp $ */
 /*
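Review bot: With `shell_uid()` gone, the `execl()` calls left in the shell() hunk, and likewise in the execute() and expand() hunks, run the user's shell with whatever effective uid and gid the process holds, so their safety now rests entirely on tip never being installed setuid or setgid. The commit message states that invariant, but nothing in the visible code records or enforces it, and the Makefile is not part of this diff. I would document it at the top of main() with a comment such as `/* tip must not be installed setuid/setgid: nothing drops privileges before exec */`, and consider failing closed there with `if (issetugid()) errx(1, "must not be setuid or setgid");` (assuming `<err.h>` is acceptable in this file). All three function bodies continue outside their hunks.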
@@ -33,24 +33,24 @@
 #include "tip.h"
 esctable_t etable[] = {
- { '!', NORM, "shell", shell },
- { '<', NORM, "receive file from remote host", getfl },
- { '>', NORM, "send file to remote host", sendfile },
- { 't', NORM, "take file from remote UNIX", cu_take },
- { 'p', NORM, "put file to remote UNIX", cu_put },
- { '|', NORM, "pipe remote file", pipefile },
- { '$', NORM, "pipe local command to remote host", pipeout },
+ { '!', "shell", shell },
+ { '<', "receive file from remote host", getfl },
+ { '>', "send file to remote host", sendfile },
+ { 't', "take file from remote UNIX", cu_take },
+ { 'p', "put file to remote UNIX", cu_put },
+ { '|', "pipe remote file", pipefile },
+ { '$', "pipe local command to remote host", pipeout },
 #ifdef CONNECT
- { 'C', NORM, "connect program to remote host",consh },
+ { 'C', "connect program to remote host", consh },
 #endif
- { 'c', NORM, "change directory", chdirectory },
- { '.', NORM, "exit from tip", finish },
- {CTRL('d'),NORM,"exit from tip", finish },
- {CTRL('y'),NORM,"suspend tip (local+remote)", suspend },
- {CTRL('z'),NORM,"suspend tip (local only)", suspend },
- { 's', NORM, "set variable", variable },
- { 'v', NORM, "list variables", listvariables },
- { '?', NORM, "get this summary", help },
- { '#', NORM, "send break", genbrk },
+ { 'c', "change directory", chdirectory },
+ { '.', "exit from tip", finish },
+ { CTRL('d'), "exit from tip", finish },
+ { CTRL('y'), "suspend tip (local+remote)", suspend },
+ { CTRL('z'), "suspend tip (local only)", suspend },
+ { 's', "set variable", variable },
+ { 'v', "list variables", listvariables },
+ { '?', "get this summary", help },
+ { '#', "send break", genbrk },
 { 0, 0, 0 }
 };
diff --git a/usr.bin/tip/cu.c b/usr.bin/tip/cu.c
index 5c3fb1cc752..d8f12e11faf 100644
--- a/usr.bin/tip/cu.c
+++ b/usr.bin/tip/cu.c
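Review bot: The table terminator `{ 0, 0, 0 }` is unchanged context, but after this commit its second and third zeros initialise the pointer members `e_help` and `e_func` (per the tip.h hunk) rather than `e_flags` and `e_help`. Writing it as `{ 0, NULL, NULL }` with a short comment such as `/* terminator: escape() and help() stop at e_char == 0 */` makes the sentinel explicit and keeps it from reading as a leftover of the old four-field layout.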
@@ -1,4 +1,4 @@
-/* $OpenBSD: cu.c,v 1.24 2009/10/27 23:59:44 deraadt Exp $ */
+/* $OpenBSD: cu.c,v 1.25 2009/12/12 18:14:00 nicm Exp $ */
 /* $NetBSD: cu.c,v 1.5 1997/02/11 09:24:05 mrg Exp $ */
 /*
@@ -165,7 +165,6 @@ getopt:
 }
 setbuf(stdout, NULL);
 loginit();
- user_uid();
 vinit();
 switch (parity) {
 case -1:
@@ -182,20 +181,17 @@ getopt:
 if (HW && ttysetup(BR)) {
 fprintf(stderr, "%s: unsupported speed %ld\n", __progname, BR);
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(3);
 }
 if (con()) {
 printf("Connect failed\n");
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(1);
 }
 if (!HW && ttysetup(BR)) {
 fprintf(stderr, "%s: unsupported speed %ld\n", __progname, BR);
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(3);
 }
diff --git a/usr.bin/tip/tip.c b/usr.bin/tip/tip.c
index b5ef3dd5118..5b22763c85d 100644
--- a/usr.bin/tip/tip.c
+++ b/usr.bin/tip/tip.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tip.c,v 1.36 2009/12/12 13:38:09 nicm Exp $ */
+/* $OpenBSD: tip.c,v 1.37 2009/12/12 18:14:00 nicm Exp $ */
 /* $NetBSD: tip.c,v 1.13 1997/04/20 00:03:05 mellon Exp $ */
 /*
@@ -59,10 +59,6 @@ main(int argc, char *argv[])
 /* XXX preserve previous braindamaged behavior */
 setboolean(value(DC), TRUE);
- gid = getgid();
- egid = getegid();
- uid = getuid();
- euid = geteuid();
 if (equal(__progname, "cu")) {
 cumode = 1;
 cumain(argc, argv);
@@ -143,15 +139,6 @@ notnumber:
 setbuf(stdout, NULL);
 loginit();
- /*
- * Now that we have the logfile and the ACU open
- * return to the real uid and gid. These things will
- * be closed on exit. Swap real and effective uid's
- * so we can get the original permissions back
- * for removing the uucp lock.
- */
- user_uid();
-
 /*
 * Kludge, their's no easy way to get the initialization
 * in the right order, so force it here
@@ -169,20 +156,17 @@ notnumber:
 if (HW && ttysetup(number(value(BAUDRATE)))) {
 fprintf(stderr, "%s: bad baud rate %ld\n", __progname, number(value(BAUDRATE)));
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(3);
 }
 if ((p = con())) {
 printf("\07%s\n[EOT]\n", p);
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(1);
 }
 if (!HW && ttysetup(number(value(BAUDRATE)))) {
 fprintf(stderr, "%s: bad baud rate %ld\n", __progname, number(value(BAUDRATE)));
- daemon_uid();
 (void)uu_unlock(uucplock);
 exit(3);
 }
@@ -260,7 +244,6 @@ cucommon:
 void
 cleanup(int signo)
 {
- daemon_uid();
 (void)uu_unlock(uucplock);
 if (odisc)
 ioctl(0, TIOCSETD, &odisc);
@@ -272,42 +255,6 @@ cleanup(int signo)
 exit(0);
 }
-/*
- * Muck with user ID's. We are setuid to the owner of the lock
- * directory when we start. user_uid() reverses real and effective
- * ID's after startup, to run with the user's permissions.
- * daemon_uid() switches back to the privileged uid for unlocking.
- * Finally, to avoid running a shell with the wrong real uid,
- * shell_uid() sets real and effective uid's to the user's real ID.
- */
-static int uidswapped;
-
-void
-user_uid(void)
-{
- if (uidswapped == 0) {
- seteuid(uid);
- uidswapped = 1;
- }
-}
-
-void
-daemon_uid(void)
-{
-
- if (uidswapped) {
- seteuid(euid);
- uidswapped = 0;
- }
-}
-
-void
-shell_uid(void)
-{
- setegid(gid);
- seteuid(uid);
-}
-
 /*
 * put the controlling keyboard into raw mode
 */
@@ -440,8 +387,6 @@ escape(void)
 /* XXX does not check for EOF */
 for (p = etable; p->e_char; p++)
 if (p->e_char == gch) {
- if ((p->e_flags&PRIV) && uid)
- continue;
 printf("%s", ctrl(c));
 (*p->e_func)(gch);
 return (0);
@@ -523,11 +468,8 @@ help(int c)
 printf("%c\r\n", c);
 for (p = etable; p->e_char; p++) {
- if ((p->e_flags&PRIV) && uid)
- continue;
 printf("%2s", ctrl(character(value(ESCAPE))));
- printf("%-2s %c %s\r\n", ctrl(p->e_char),
- p->e_flags&EXP ? '*': ' ', p->e_help);
+ printf("%-2s %s\r\n", ctrl(p->e_char), p->e_help);
 }
 }
diff --git a/usr.bin/tip/tip.h b/usr.bin/tip/tip.h
index be050df3749..055c2ce0d7a 100644
--- a/usr.bin/tip/tip.h
+++ b/usr.bin/tip/tip.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tip.h,v 1.32 2009/12/12 13:38:09 nicm Exp $ */
+/* $OpenBSD: tip.h,v 1.33 2009/12/12 18:14:00 nicm Exp $ */
 /* $NetBSD: tip.h,v 1.7 1997/04/20 00:02:46 mellon Exp $ */
 /*
@@ -168,16 +168,11 @@ typedef
 typedef struct {
 char e_char; /* char to match on */
- char e_flags; /* experimental, privileged */
 char *e_help; /* help string */
 void (*e_func)(int); /* command */
 } esctable_t;
-#define NORM 00 /* normal protection, execute anyone */
-#define EXP 01 /* experimental, mark it with a `*' on help */
-#define PRIV 02 /* privileged, root execute only */
-
 extern int vflag; /* verbose during reading of .tiprc file */
 extern int noesc; /* no escape `~' char */
 extern value_t vtable[]; /* variable table */
@@ -245,8 +240,6 @@ pid_t tipin_pid; /* pid of tipin */
 int tipin_fd; /* tipin side of socketpair */
 pid_t tipout_pid; /* pid of tipout */
 int tipout_fd; /* tipout side of socketpair */
-uid_t uid, euid; /* real and effective user id's */
-gid_t gid, egid; /* real and effective group id's */
 volatile sig_atomic_t stop; /* stop transfer session flag */
 volatile sig_atomic_t quit; /* same; but on other end */
 volatile sig_atomic_t stoprompt;/* for interrupting a prompt session */
@@ -303,7 +296,6 @@ void cour_disconnect(void);
 void cu_put(int);
 void cu_take(int);
 void cumain(int, char **);
-void daemon_uid(void);
 void df_abort(void);
 void df_disconnect(void);
 void disconnect(char *);
@@ -326,14 +318,12 @@ void sendfile(int);
 void setparity(char *);
 void setscript(void);
 void shell(int);
-void shell_uid(void);
 void suspend(int);
 void t3000_disconnect(void);
 void t3000_abort(void);
 void timeout(int);
 void tipabort(char *);
 void tipout(void);
-void user_uid(void);
 void unraw(void);
 void v3451_abort(void);
 void v3451_disconnect(void);
--
cgit v1.2.3