diff options
author | ache <ache@FreeBSD.org> | 1996-12-18 19:46:21 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 1996-12-18 19:46:21 +0000 |
commit | 3ea40235ca51f3c63c95236fdc9d6c9043b102e3 (patch) | |
tree | de184399b7edf680761a8d40b9c249ba87183e26 /gnu | |
parent | a9e84f99f0b25faf3d511893f86d13cdd7a78d20 (diff) | |
download | FreeBSD-src-3ea40235ca51f3c63c95236fdc9d6c9043b102e3.zip FreeBSD-src-3ea40235ca51f3c63c95236fdc9d6c9043b102e3.tar.gz |
Drop man priveledges before popen and restore them after it, because
it is possible to execute system command from f.e groff
Should be in 2.2
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/usr.bin/man/man/man.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/gnu/usr.bin/man/man/man.c b/gnu/usr.bin/man/man/man.c index e36530b..d079604 100644 --- a/gnu/usr.bin/man/man/man.c +++ b/gnu/usr.bin/man/man/man.c @@ -1108,16 +1108,28 @@ make_cat_file (path, man_file, cat_file) fprintf (stderr, "\ntrying command: %s\n", command); else { +#ifdef SETREUID + setreuid(-1, ruid); + setregid(-1, rgid); +#endif if ((pp = popen(command, "r")) == NULL) { s = errno; fprintf(stderr, "Failed.\n"); errno = s; perror("popen"); +#ifdef SETREUID + setreuid(-1, euid); + setregid(-1, egid); +#endif unlink(temp); restore_sigs(); fclose(fp); return 0; } +#ifdef SETREUID + setreuid(-1, euid); + setregid(-1, egid); +#endif while ((s = getc(pp)) != EOF) putc(s, fp); |