diff options
author | mpp <mpp@FreeBSD.org> | 2000-05-24 11:38:50 +0000 |
---|---|---|
committer | mpp <mpp@FreeBSD.org> | 2000-05-24 11:38:50 +0000 |
commit | 58f40f38fdcf9899ae193a745dee28b1f78970e5 (patch) | |
tree | 21d1aaf48cb777cb178506f6b940312b0655cf65 /usr.sbin/lpr | |
parent | aee7c5eed195e4d57e1b593bde1822c0b63e94a2 (diff) | |
download | FreeBSD-src-58f40f38fdcf9899ae193a745dee28b1f78970e5.zip FreeBSD-src-58f40f38fdcf9899ae193a745dee28b1f78970e5.tar.gz |
Re-implement my fix from rev 1.6 (same rev for both files being committed)
that was lost during the lite-2 merge. From the original commit message:
Initialize the group list so that any filter programs that are
run by lpd are not run with root's groups.
Diffstat (limited to 'usr.sbin/lpr')
-rw-r--r-- | usr.sbin/lpr/lpd/printjob.c | 11 | ||||
-rw-r--r-- | usr.sbin/lpr/runqueue/printjob.c | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/usr.sbin/lpr/lpd/printjob.c b/usr.sbin/lpr/lpd/printjob.c index a3e3f28..a33289e 100644 --- a/usr.sbin/lpr/lpd/printjob.c +++ b/usr.sbin/lpr/lpd/printjob.c @@ -1317,6 +1317,7 @@ dofork(pp, action) int action; { register int i, pid; + struct passwd *pwd; for (i = 0; i < 20; i++) { if ((pid = fork()) < 0) { @@ -1326,8 +1327,16 @@ dofork(pp, action) /* * Child should run as daemon instead of root */ - if (pid == 0) + if (pid == 0) { + if ((pwd = getpwuid(pp->daemon_user)) == NULL) { + syslog(LOG_ERR, "Can't lookup default daemon uid (%d) in password file", + pp->daemon_user); + break; + } + initgroups(pwd->pw_name, pwd->pw_gid); + setgid(pwd->pw_gid); setuid(pp->daemon_user); + } return(pid); } syslog(LOG_ERR, "can't fork"); diff --git a/usr.sbin/lpr/runqueue/printjob.c b/usr.sbin/lpr/runqueue/printjob.c index c5f7990..a1f3e23 100644 --- a/usr.sbin/lpr/runqueue/printjob.c +++ b/usr.sbin/lpr/runqueue/printjob.c @@ -1307,6 +1307,7 @@ dofork(pp, action) int action; { register int i, pid; + struct passwd *pwd; for (i = 0; i < 20; i++) { if ((pid = fork()) < 0) { @@ -1316,8 +1317,16 @@ dofork(pp, action) /* * Child should run as daemon instead of root */ - if (pid == 0) + if (pid == 0) { + if ((pwd = getpwuid(pp->daemon_user)) == NULL) { + syslog(LOG_ERR, "Can't lookup default daemon uid (%d) in password file", + pp->daemon_user); + break; + } + initgroups(pwd->pw_name, pwd->pw_gid); + setgid(pwd->pw_gid); setuid(pp->daemon_user); + } return(pid); } syslog(LOG_ERR, "can't fork"); |