diff options
author | maxim <maxim@FreeBSD.org> | 2006-06-01 15:03:06 +0000 |
---|---|---|
committer | maxim <maxim@FreeBSD.org> | 2006-06-01 15:03:06 +0000 |
commit | e66637299eb2c5aff5fb88d222a97050207fe19f (patch) | |
tree | 4c69ebd00717a71779ab2d89f736fae8b87ddbee /usr.sbin/cron | |
parent | 38d68c5332a52193f6eddf74862cfe8deeb8fc8a (diff) | |
download | FreeBSD-src-e66637299eb2c5aff5fb88d222a97050207fe19f.zip FreeBSD-src-e66637299eb2c5aff5fb88d222a97050207fe19f.tar.gz |
o Better be safe than sorry: check return code from setuid(2),
setgid(2), setlogin(2) and initgroups(3). In theory they could
fail for root with some third party mac(4) policies.
Submitted by: Kostik Belousov
MFC after: 1 month
Diffstat (limited to 'usr.sbin/cron')
-rw-r--r-- | usr.sbin/cron/cron/do_command.c | 25 | ||||
-rw-r--r-- | usr.sbin/cron/cron/popen.c | 13 |
2 files changed, 30 insertions, 8 deletions
diff --git a/usr.sbin/cron/cron/do_command.c b/usr.sbin/cron/cron/do_command.c index 258e4a2..1e6fe05 100644 --- a/usr.sbin/cron/cron/do_command.c +++ b/usr.sbin/cron/cron/do_command.c @@ -245,12 +245,29 @@ child_process(e, u) /* set our directory, uid and gid. Set gid first, * since once we set uid, we've lost root privledges. */ - setgid(e->gid); + if (setgid(e->gid) != 0) { + log_it(usernm, getpid(), + "error", "setgid failed"); + exit(ERROR_EXIT); + } # if defined(BSD) - initgroups(usernm, e->gid); + if (initgroups(usernm, e->gid) != 0) { + log_it(usernm, getpid(), + "error", "initgroups failed"); + exit(ERROR_EXIT); + } # endif - setlogin(usernm); - setuid(e->uid); /* we aren't root after this..*/ + if (setlogin(usernm) != 0) { + log_it(usernm, getpid(), + "error", "setlogin failed"); + exit(ERROR_EXIT); + } + if (setuid(e->uid) != 0) { + log_it(usernm, getpid(), + "error", "setuid failed"); + exit(ERROR_EXIT); + } + /* we aren't root after this..*/ #if defined(LOGIN_CAP) } if (lc != NULL) diff --git a/usr.sbin/cron/cron/popen.c b/usr.sbin/cron/cron/popen.c index 806676d..06e8c1c 100644 --- a/usr.sbin/cron/cron/popen.c +++ b/usr.sbin/cron/cron/popen.c @@ -175,12 +175,17 @@ cron_popen(program, type, e) /* set our directory, uid and gid. Set gid first, * since once we set uid, we've lost root privledges. */ - setgid(e->gid); + if (setgid(e->gid) != 0) + _exit(ERROR_EXIT); # if defined(BSD) - initgroups(usernm, e->gid); + if (initgroups(usernm, e->gid) != 0) + _exit(ERROR_EXIT); # endif - setlogin(usernm); - setuid(e->uid); /* we aren't root after this..*/ + if (setlogin(usernm) != 0) + _exit(ERROR_EXIT); + if (setuid(e->uid) != 0) + _exit(ERROR_EXIT); + /* we aren't root after this..*/ #if defined(LOGIN_CAP) } if (lc != NULL) |