diff options
-rw-r--r-- | libexec/tftpd/tftpd.c | 5 | ||||
-rw-r--r-- | sbin/ccdconfig/ccdconfig.c | 9 | ||||
-rw-r--r-- | sbin/restore/tape.c | 6 | ||||
-rw-r--r-- | usr.bin/lock/lock.c | 4 | ||||
-rw-r--r-- | usr.bin/msgs/msgs.c | 3 | ||||
-rw-r--r-- | usr.bin/wall/wall.c | 3 | ||||
-rw-r--r-- | usr.sbin/edquota/edquota.c | 6 | ||||
-rw-r--r-- | usr.sbin/kgmon/kgmon.c | 4 |
8 files changed, 29 insertions, 11 deletions
diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c index 7363abf..a0010b3 100644 --- a/libexec/tftpd/tftpd.c +++ b/libexec/tftpd/tftpd.c @@ -371,7 +371,10 @@ main(int argc, char *argv[]) } chdir("/"); setgroups(1, &nobody->pw_gid); - setuid(nobody->pw_uid); + if (setuid(nobody->pw_uid) != 0) { + tftp_log(LOG_ERR, "setuid failed"); + exit(1); + } } len = sizeof(me_sock); diff --git a/sbin/ccdconfig/ccdconfig.c b/sbin/ccdconfig/ccdconfig.c index 6324150..76867ba 100644 --- a/sbin/ccdconfig/ccdconfig.c +++ b/sbin/ccdconfig/ccdconfig.c @@ -288,13 +288,16 @@ do_all(int action) rval = 0; egid = getegid(); - setegid(getgid()); + if (setegid(getgid()) != 0) + err(1, "setegid failed"); if ((f = fopen(ccdconf, "r")) == NULL) { - setegid(egid); + if (setegid(egid) != 0) + err(1, "setegid failed"); warn("fopen: %s", ccdconf); return (1); } - setegid(egid); + if (setegid(egid) != 0) + err(1, "setegid failed"); while (fgets(line, sizeof(line), f) != NULL) { argc = 0; diff --git a/sbin/restore/tape.c b/sbin/restore/tape.c index f63d573..4f34549 100644 --- a/sbin/restore/tape.c +++ b/sbin/restore/tape.c @@ -164,7 +164,11 @@ setinput(char *source, int ispipecommand) } pipein++; } - setuid(getuid()); /* no longer need or want root privileges */ + /* no longer need or want root privileges */ + if (setuid(getuid()) != 0) { + fprintf(stderr, "setuid failed\n"); + done(1); + } magtape = strdup(source); if (magtape == NULL) { fprintf(stderr, "Cannot allocate space for magtape buffer\n"); diff --git a/usr.bin/lock/lock.c b/usr.bin/lock/lock.c index 0382e83..acc0e29 100644 --- a/usr.bin/lock/lock.c +++ b/usr.bin/lock/lock.c @@ -129,7 +129,9 @@ main(int argc, char **argv) } timeout.tv_sec = sectimeout * 60; - setuid(getuid()); /* discard privs */ + /* discard privs */ + if (setuid(getuid()) != 0) + errx(1, "setuid failed"); if (tcgetattr(0, &tty)) /* get information for header */ exit(1); diff --git a/usr.bin/msgs/msgs.c b/usr.bin/msgs/msgs.c index e534fac..c4c589e 100644 --- a/usr.bin/msgs/msgs.c +++ b/usr.bin/msgs/msgs.c @@ -175,7 +175,8 @@ main(int argc, char *argv[]) setlocale(LC_ALL, ""); time(&t); - setuid(uid = getuid()); + if (setuid(uid = getuid()) != 0) + err(1, "setuid failed"); ruptible = (signal(SIGINT, SIG_IGN) == SIG_DFL); if (ruptible) signal(SIGINT, SIG_DFL); diff --git a/usr.bin/wall/wall.c b/usr.bin/wall/wall.c index dafd448..b3a63dc 100644 --- a/usr.bin/wall/wall.c +++ b/usr.bin/wall/wall.c @@ -240,7 +240,8 @@ makemsg(char *fname) setegid(getgid()); if (freopen(fname, "r", stdin) == NULL) err(1, "can't read %s", fname); - setegid(egid); + if (setegid(egid) != 0) + err(1, "setegid failed"); } cnt = 0; while (fgetws(lbuf, sizeof(lbuf)/sizeof(wchar_t), stdin)) { diff --git a/usr.sbin/edquota/edquota.c b/usr.sbin/edquota/edquota.c index 0957011..930a460 100644 --- a/usr.sbin/edquota/edquota.c +++ b/usr.sbin/edquota/edquota.c @@ -453,8 +453,10 @@ editit(char *tmpf) const char *ed; sigsetmask(omask); - setgid(getgid()); - setuid(getuid()); + if (setgid(getgid()) != 0) + err(1, "setgid failed"); + if (setuid(getuid()) != 0) + err(1, "setuid failed"); if ((ed = getenv("EDITOR")) == (char *)0) ed = _PATH_VI; execlp(ed, ed, tmpf, (char *)0); diff --git a/usr.sbin/kgmon/kgmon.c b/usr.sbin/kgmon/kgmon.c index d5cdf96..c691d6e 100644 --- a/usr.sbin/kgmon/kgmon.c +++ b/usr.sbin/kgmon/kgmon.c @@ -90,7 +90,9 @@ main(int argc, char **argv) struct kvmvars kvmvars; char *system, *kmemf; - seteuid(getuid()); + if (seteuid(getuid()) != 0) { + err(1, "seteuid failed\n"); + } kmemf = NULL; system = NULL; while ((ch = getopt(argc, argv, "M:N:Bbhpr")) != -1) { |