diff options
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/at/at.c | 8 | ||||
| -rw-r--r-- | usr.bin/at/privs.h | 57 |
2 files changed, 24 insertions, 41 deletions
diff --git a/usr.bin/at/at.c b/usr.bin/at/at.c index 1807ba4..70fc6c9 100644 --- a/usr.bin/at/at.c +++ b/usr.bin/at/at.c @@ -80,7 +80,7 @@ /* File scope variables */ -static char rcsid[] = "$Id: at.c,v 1.2 1995/04/12 02:42:28 ache Exp $"; +static char rcsid[] = "$Id: at.c,v 1.3 1995/04/15 22:08:08 ache Exp $"; char *no_export[] = { "TERM", "TERMCAP", "DISPLAY", "_" @@ -250,6 +250,12 @@ writefile(time_t runtimer, char queue) PRIV_END + /* We no longer need suid root; now we just need to be able to write + * to the directory, if necessary. + */ + + REDUCE_PRIV(DAEMON_UID, DAEMON_GID) + /* We've successfully created the file; let's set the flag so it * gets removed in case of an interrupt or error. */ diff --git a/usr.bin/at/privs.h b/usr.bin/at/privs.h index 5ed6c50..2fcaf10 100644 --- a/usr.bin/at/privs.h +++ b/usr.bin/at/privs.h @@ -2,25 +2,19 @@ * privs.h - header for privileged operations * Copyright (C) 1993 Thomas Koenig * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. The name of the author(s) may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ #ifndef _PRIVS_H @@ -34,24 +28,6 @@ #include <unistd.h> #endif -#ifdef __FreeBSD__ -/* - * setre[ug]id() not change r[ug]id for FreeBSD, but check it incorrectly - * for this program - */ -#define setreuid(r, e) seteuid(e) -#define setregid(r, e) setegid(e) -#define SET_REAL_PRIV(a, b) {\ - setgid(b); \ - setuid(a); \ - } -#else -#define SET_REAL_PRIV(a. b) {\ - setregid((b), real_gid); \ - setreuid((a), real_uid); \ - } -#endif - /* Relinquish privileges temporarily for a setuid or setgid program * with the option of getting them back later. This is done by swapping * the real and effective userid BSD style. Call RELINQUISH_PRIVS once @@ -96,8 +72,8 @@ gid_t real_gid, effective_gid; effective_uid = geteuid(); \ real_gid = getgid(); \ effective_gid = getegid(); \ - setregid(effective_gid, real_gid); \ setreuid(effective_uid, real_uid); \ + setregid(effective_gid, real_gid); \ } #define RELINQUISH_PRIVS_ROOT(a,b) { \ @@ -105,8 +81,8 @@ gid_t real_gid, effective_gid; effective_uid = geteuid(); \ real_gid = (b); \ effective_gid = getegid(); \ - setregid(effective_gid, real_gid); \ setreuid(effective_uid, real_uid); \ + setregid(effective_gid, real_gid); \ } #define PRIV_START {\ @@ -114,8 +90,8 @@ gid_t real_gid, effective_gid; setregid(real_gid, effective_gid); #define PRIV_END \ - setregid(effective_gid, real_gid); \ setreuid(effective_uid, real_uid); \ + setregid(effective_gid, real_gid); \ } #define REDUCE_PRIV(a,b) {\ @@ -123,6 +99,7 @@ gid_t real_gid, effective_gid; setregid(real_gid, effective_gid); \ effective_uid = (a); \ effective_gid = (b); \ - SET_REAL_PRIV(a, b); \ + setregid(effective_gid, real_gid); \ + setreuid(effective_uid, real_uid); \ } #endif |
