diff options
author | ache <ache@FreeBSD.org> | 1996-06-09 20:40:58 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 1996-06-09 20:40:58 +0000 |
commit | 24909cdf1b7fcfb249c10a5726247140946b5bcb (patch) | |
tree | d2486f710089c9ea8296dee5b819a39458c5332d /usr.sbin/ppp | |
parent | f7458dfe5bdb551307603c2e36e959aa4d328798 (diff) | |
download | FreeBSD-src-24909cdf1b7fcfb249c10a5726247140946b5bcb.zip FreeBSD-src-24909cdf1b7fcfb249c10a5726247140946b5bcb.tar.gz |
Prepare for exec properly and check return values
Submitted by: Arjan de Vet <devet@IAEhv.nl>
Diffstat (limited to 'usr.sbin/ppp')
-rw-r--r-- | usr.sbin/ppp/chat.c | 11 | ||||
-rw-r--r-- | usr.sbin/ppp/command.c | 13 |
2 files changed, 19 insertions, 5 deletions
diff --git a/usr.sbin/ppp/chat.c b/usr.sbin/ppp/chat.c index 17ce6ea..7c96e31 100644 --- a/usr.sbin/ppp/chat.c +++ b/usr.sbin/ppp/chat.c @@ -18,7 +18,7 @@ * Columbus, OH 43221 * (614)451-1883 * - * $Id: chat.c,v 1.9 1996/04/06 02:00:17 ache Exp $ + * $Id: chat.c,v 1.10 1996/05/11 20:48:20 phk Exp $ * * TODO: * o Support more UUCP compatible control sequences. @@ -393,6 +393,15 @@ char *command, *out; nb = open("/dev/tty", O_RDWR); dup2(nb, 0); LogPrintf(LOG_CHAT_BIT, "exec: %s\n", command); + /* switch back to original privileges */ + if (setgid(getgid()) < 0) { + LogPrintf(LOG_CHAT_BIT, "setgid: %s\n", strerror(errno)); + exit(1); + } + if (setuid(getuid()) < 0) { + LogPrintf(LOG_CHAT_BIT, "setuid: %s\n", strerror(errno)); + exit(1); + } pid = execvp(command, vector); LogPrintf(LOG_CHAT_BIT, "execvp failed for (%d/%d): %s\n", pid, errno, command); exit(127); diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index d73dfa8..c22eff2 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.16 1996/03/08 13:22:23 ache Exp $ + * $Id: command.c,v 1.17 1996/05/11 20:48:22 phk Exp $ * */ #include <sys/types.h> @@ -190,9 +190,14 @@ char **argv; * We are running setuid, we should change to * real user for avoiding security problems. */ - setgid( getgid() ); - setuid( getuid() ); - + if (setgid(getgid()) < 0) { + perror("setgid"); + exit(1); + } + if (setuid(getuid()) < 0) { + perror("setuid"); + exit(1); + } TtyOldMode(); if(argc > 0) execvp(argv[0], argv); |