Lines 1-5
Link Here
|
1 |
--- main.c.orig Wed Oct 15 05:58:41 2003 |
1 |
--- main.c.orig Mon Dec 22 23:26:47 2003 |
2 |
+++ main.c Wed Oct 15 06:02:22 2003 |
2 |
+++ main.c Mon Dec 22 23:27:23 2003 |
3 |
@@ -9,7 +9,7 @@ |
3 |
@@ -9,7 +9,7 @@ |
4 |
/* +-------------------------------------------------------------------+ */ |
4 |
/* +-------------------------------------------------------------------+ */ |
5 |
|
5 |
|
Lines 9-15
Link Here
|
9 |
#include <syslog.h> |
9 |
#include <syslog.h> |
10 |
#include <pwd.h> |
10 |
#include <pwd.h> |
11 |
#include <grp.h> |
11 |
#include <grp.h> |
12 |
@@ -170,14 +170,11 @@ |
12 |
@@ -51,6 +51,7 @@ |
|
|
13 |
extern char *getpass(), *crypt(); |
14 |
|
15 |
char *Progname; |
16 |
+int fatal(char *s, ...); |
17 |
char *format_cmd(); |
18 |
char *GetCode(); |
19 |
cmd_t *Find(); |
20 |
@@ -170,14 +171,11 @@ |
13 |
return Go(new, num, argc, argv); |
21 |
return Go(new, num, argc, argv); |
14 |
} |
22 |
} |
15 |
|
23 |
|
Lines 26-32
Link Here
|
26 |
vfprintf(stderr, s, ap); |
34 |
vfprintf(stderr, s, ap); |
27 |
fputc('\n', stderr); |
35 |
fputc('\n', stderr); |
28 |
va_end(ap); |
36 |
va_end(ap); |
29 |
@@ -448,29 +445,17 @@ |
37 |
@@ -448,35 +446,28 @@ |
30 |
char *cp, *np; |
38 |
char *cp, *np; |
31 |
struct passwd *pw; |
39 |
struct passwd *pw; |
32 |
struct group *gr; |
40 |
struct group *gr; |
Lines 50-64
Link Here
|
50 |
- } |
58 |
- } |
51 |
- |
59 |
- |
52 |
if ((cp = FindOpt(cmd, "gid")) == NULL) { |
60 |
if ((cp = FindOpt(cmd, "gid")) == NULL) { |
53 |
; /* don't have a default */ |
61 |
- ; /* don't have a default */ |
|
|
62 |
+ if (setgid(0) < 0) |
63 |
+ fatal("Unable to set gid to default", cp); |
54 |
} else { |
64 |
} else { |
55 |
for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) { |
65 |
for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) { |
56 |
- if ((gr = getgrnam(cp)) != NULL) |
66 |
- if ((gr = getgrnam(cp)) != NULL) |
57 |
+ if ((gr = getgrnam(str)) != NULL) |
67 |
+ if ((gr = getgrnam(str)) != NULL) |
58 |
gidset[ngroups++] = gr->gr_gid; |
68 |
gidset[ngroups++] = gr->gr_gid; |
|
|
69 |
+ else |
70 |
+ gidset[ngroups++] = atoi(str); |
59 |
} |
71 |
} |
60 |
if (ngroups == 0) |
72 |
if (ngroups == 0) |
61 |
@@ -533,6 +518,18 @@ |
73 |
- fatal("Unable to setgid to any group"); |
|
|
74 |
+ fatal("Unable to set gid to any group"); |
75 |
if (setgroups(ngroups, gidset) < 0) |
76 |
- fatal("Set group failed"); |
77 |
+ fatal("Unable to set auxiliary groups"); |
78 |
+ if (setgid(gidset[0]) < 0) |
79 |
+ fatal("Unable to set gid to %s", gidset[0]); |
80 |
} |
81 |
|
82 |
if ((cp = FindOpt(cmd, "umask")) == NULL) { |
83 |
@@ -533,6 +524,17 @@ |
62 |
new_envp[curenv++] = environ[i]; |
84 |
new_envp[curenv++] = environ[i]; |
63 |
} |
85 |
} |
64 |
new_envp[curenv] = NULL; |
86 |
new_envp[curenv] = NULL; |
Lines 70-77
Link Here
|
70 |
+ if ((pw = getpwnam(cp)) == NULL) { |
92 |
+ if ((pw = getpwnam(cp)) == NULL) { |
71 |
+ if (setuid(atoi(cp)) < 0) |
93 |
+ if (setuid(atoi(cp)) < 0) |
72 |
+ fatal("Unable to set uid to %s", cp); |
94 |
+ fatal("Unable to set uid to %s", cp); |
73 |
+ } |
95 |
+ } else if (setuid(pw->pw_uid) < 0) |
74 |
+ if (setuid(pw->pw_uid) < 0) |
|
|
75 |
+ fatal("Unable to set uid to %s", cp); |
96 |
+ fatal("Unable to set uid to %s", cp); |
76 |
+ } |
97 |
+ } |