summaryrefslogtreecommitdiffstats
path: root/usr.sbin/mrouted/mapper.c
diff options
context:
space:
mode:
authorfenner <fenner@FreeBSD.org>1996-10-01 23:14:35 +0000
committerfenner <fenner@FreeBSD.org>1996-10-01 23:14:35 +0000
commitf0be48c6af2eaec668865dff86d62e3f008a8ef5 (patch)
tree5f918dd1d092d1a7ae36f00e49095a8cc8f24101 /usr.sbin/mrouted/mapper.c
parent7960c9984d0275acf13a0caf86609519bd757f03 (diff)
downloadFreeBSD-src-f0be48c6af2eaec668865dff86d62e3f008a8ef5.zip
FreeBSD-src-f0be48c6af2eaec668865dff86d62e3f008a8ef5.tar.gz
Release setuid immediately after initializing; this minimizes the
possibility of security holes allowing root penetration. Inspired by: Mark Handley <M.Handley@cs.ucl.ac.uk> and Theo de Raadt <deraadt@theos.com> independently Submitted by: Theo de Raadt <deraadt@theos.com>
Diffstat (limited to 'usr.sbin/mrouted/mapper.c')
-rw-r--r--usr.sbin/mrouted/mapper.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/usr.sbin/mrouted/mapper.c b/usr.sbin/mrouted/mapper.c
index 1eacd04..076778f 100644
--- a/usr.sbin/mrouted/mapper.c
+++ b/usr.sbin/mrouted/mapper.c
@@ -1,7 +1,7 @@
/* Mapper for connections between MRouteD multicast routers.
* Written by Pavel Curtis <Pavel@PARC.Xerox.Com>
*
- * $Id: mapper.c,v 3.8 1995/11/29 22:36:57 fenner Rel $
+ * $Id: mapper.c,v 1.6 1996/01/06 21:09:53 peter Exp $
*/
/*
@@ -844,13 +844,16 @@ int main(argc, argv)
{
int flood = FALSE, graph = FALSE;
- setlinebuf(stderr);
-
if (geteuid() != 0) {
- fprintf(stderr, "must be root\n");
+ fprintf(stderr, "map-mbone: must be root\n");
exit(1);
}
+ init_igmp();
+ setuid(getuid());
+
+ setlinebuf(stderr);
+
argv++, argc--;
while (argc > 0 && argv[0][0] == '-') {
switch (argv[0][1]) {
@@ -899,8 +902,6 @@ int main(argc, argv)
if (debug)
fprintf(stderr, "Debug level %u\n", debug);
- init_igmp();
-
{ /* Find a good local address for us. */
int udp;
struct sockaddr_in addr;
OpenPOWER on IntegriCloud