diff options
| author | ache <ache@FreeBSD.org> | 1995-04-15 22:08:10 +0000 |
|---|---|---|
| committer | ache <ache@FreeBSD.org> | 1995-04-15 22:08:10 +0000 |
| commit | 01787c4b0d94087dcae610c5d718dd901143620a (patch) | |
| tree | 7ab42361d1620dfb5d299ac29ed73a4574596eef /usr.bin | |
| parent | 3f3f7b26718c2044111a8f6218809200c005facf (diff) | |
| download | FreeBSD-src-01787c4b0d94087dcae610c5d718dd901143620a.zip FreeBSD-src-01787c4b0d94087dcae610c5d718dd901143620a.tar.gz | |
Fight over non-working setruid
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/at/at.c | 14 | ||||
| -rw-r--r-- | usr.bin/at/privs.h | 12 |
2 files changed, 15 insertions, 11 deletions
diff --git a/usr.bin/at/at.c b/usr.bin/at/at.c index f803af5..1807ba4 100644 --- a/usr.bin/at/at.c +++ b/usr.bin/at/at.c @@ -80,7 +80,7 @@ /* File scope variables */ -static char rcsid[] = "$Id: at.c,v 1.2 1994/06/08 18:19:43 kernel Exp $"; +static char rcsid[] = "$Id: at.c,v 1.2 1995/04/12 02:42:28 ache Exp $"; char *no_export[] = { "TERM", "TERMCAP", "DISPLAY", "_" @@ -250,12 +250,6 @@ writefile(time_t runtimer, char queue) PRIV_END - /* We no longer need suid root; now we just need to be able to write - * to the directory, if necessary. - */ - - REDUCE_PRIV(DAEMON_UID, DAEMON_GID) - /* We've successfully created the file; let's set the flag so it * gets removed in case of an interrupt or error. */ @@ -466,11 +460,13 @@ delete_jobs(int argc, char **argv) perr("Cannot change to " ATJOB_DIR); for (i=optind; i < argc; i++) { - if (stat(argv[i], &buf) != 0) + if (stat(argv[i], &buf) != 0) { perr(argv[i]); + continue; + } if ((buf.st_uid != real_uid) && !(real_uid == 0)) { fprintf(stderr, "%s: Not owner\n", argv[i]); - exit(EXIT_FAILURE); + continue; } if (unlink(argv[i]) != 0) perr(argv[i]); diff --git a/usr.bin/at/privs.h b/usr.bin/at/privs.h index 34fd690..5ed6c50 100644 --- a/usr.bin/at/privs.h +++ b/usr.bin/at/privs.h @@ -41,6 +41,15 @@ */ #define setreuid(r, e) seteuid(e) #define setregid(r, e) setegid(e) +#define SET_REAL_PRIV(a, b) {\ + setgid(b); \ + setuid(a); \ + } +#else +#define SET_REAL_PRIV(a. b) {\ + setregid((b), real_gid); \ + setreuid((a), real_uid); \ + } #endif /* Relinquish privileges temporarily for a setuid or setgid program @@ -114,7 +123,6 @@ gid_t real_gid, effective_gid; setregid(real_gid, effective_gid); \ effective_uid = (a); \ effective_gid = (b); \ - setregid(effective_gid, real_gid); \ - setreuid(effective_uid, real_uid); \ + SET_REAL_PRIV(a, b); \ } #endif |
