Prepare for exec properly and check return values

Submitted by: Arjan de Vet <devet@IAEhv.nl>

2 files changed, 19 insertions, 5 deletions

diff --git a/usr.sbin/ppp/chat.c b/usr.sbin/ppp/chat.c
index 17ce6ea..7c96e31 100644
--- a/usr.sbin/ppp/chat.c
+++ b/usr.sbin/ppp/chat.c
@@ -18,7 +18,7 @@
  *		Columbus, OH  43221
  *		(614)451-1883
  *
- * $Id: chat.c,v 1.9 1996/04/06 02:00:17 ache Exp $
+ * $Id: chat.c,v 1.10 1996/05/11 20:48:20 phk Exp $
  *
  *  TODO:
  *	o Support more UUCP compatible control sequences.
@@ -393,6 +393,15 @@ char *command, *out;
     nb = open("/dev/tty", O_RDWR);
     dup2(nb, 0);
 LogPrintf(LOG_CHAT_BIT, "exec: %s\n", command);
+    /* switch back to original privileges */
+    if (setgid(getgid()) < 0) {
+      LogPrintf(LOG_CHAT_BIT, "setgid: %s\n", strerror(errno));
+      exit(1);
+    }
+    if (setuid(getuid()) < 0) {
+      LogPrintf(LOG_CHAT_BIT, "setuid: %s\n", strerror(errno));
+      exit(1);
+    }
     pid = execvp(command, vector);
     LogPrintf(LOG_CHAT_BIT, "execvp failed for (%d/%d): %s\n", pid, errno, command);
     exit(127);
diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c
index d73dfa8..c22eff2 100644
--- a/usr.sbin/ppp/command.c
+++ b/usr.sbin/ppp/command.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: command.c,v 1.16 1996/03/08 13:22:23 ache Exp $
+ * $Id: command.c,v 1.17 1996/05/11 20:48:22 phk Exp $
  *
  */
 #include <sys/types.h>
@@ -190,9 +190,14 @@ char **argv;
       * We are running setuid, we should change to
       * real user for avoiding security problems.
       */
-     setgid( getgid() );
-     setuid( getuid() );
-
+     if (setgid(getgid()) < 0) {
+	perror("setgid");
+	exit(1);
+     }
+     if (setuid(getuid()) < 0) {
+	perror("setuid");
+	exit(1);
+     }
      TtyOldMode();
      if(argc > 0)
        execvp(argv[0], argv);