summaryrefslogtreecommitdiffstats
path: root/usr.bin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/at/at.c8
-rw-r--r--usr.bin/at/privs.h57
2 files changed, 24 insertions, 41 deletions
diff --git a/usr.bin/at/at.c b/usr.bin/at/at.c
index 1807ba4..70fc6c9 100644
--- a/usr.bin/at/at.c
+++ b/usr.bin/at/at.c
@@ -80,7 +80,7 @@
/* File scope variables */
-static char rcsid[] = "$Id: at.c,v 1.2 1995/04/12 02:42:28 ache Exp $";
+static char rcsid[] = "$Id: at.c,v 1.3 1995/04/15 22:08:08 ache Exp $";
char *no_export[] =
{
"TERM", "TERMCAP", "DISPLAY", "_"
@@ -250,6 +250,12 @@ writefile(time_t runtimer, char queue)
PRIV_END
+ /* We no longer need suid root; now we just need to be able to write
+ * to the directory, if necessary.
+ */
+
+ REDUCE_PRIV(DAEMON_UID, DAEMON_GID)
+
/* We've successfully created the file; let's set the flag so it
* gets removed in case of an interrupt or error.
*/
diff --git a/usr.bin/at/privs.h b/usr.bin/at/privs.h
index 5ed6c50..2fcaf10 100644
--- a/usr.bin/at/privs.h
+++ b/usr.bin/at/privs.h
@@ -2,25 +2,19 @@
* privs.h - header for privileged operations
* Copyright (C) 1993 Thomas Koenig
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. The name of the author(s) may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
*
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef _PRIVS_H
@@ -34,24 +28,6 @@
#include <unistd.h>
#endif
-#ifdef __FreeBSD__
-/*
- * setre[ug]id() not change r[ug]id for FreeBSD, but check it incorrectly
- * for this program
- */
-#define setreuid(r, e) seteuid(e)
-#define setregid(r, e) setegid(e)
-#define SET_REAL_PRIV(a, b) {\
- setgid(b); \
- setuid(a); \
- }
-#else
-#define SET_REAL_PRIV(a. b) {\
- setregid((b), real_gid); \
- setreuid((a), real_uid); \
- }
-#endif
-
/* Relinquish privileges temporarily for a setuid or setgid program
* with the option of getting them back later. This is done by swapping
* the real and effective userid BSD style. Call RELINQUISH_PRIVS once
@@ -96,8 +72,8 @@ gid_t real_gid, effective_gid;
effective_uid = geteuid(); \
real_gid = getgid(); \
effective_gid = getegid(); \
- setregid(effective_gid, real_gid); \
setreuid(effective_uid, real_uid); \
+ setregid(effective_gid, real_gid); \
}
#define RELINQUISH_PRIVS_ROOT(a,b) { \
@@ -105,8 +81,8 @@ gid_t real_gid, effective_gid;
effective_uid = geteuid(); \
real_gid = (b); \
effective_gid = getegid(); \
- setregid(effective_gid, real_gid); \
setreuid(effective_uid, real_uid); \
+ setregid(effective_gid, real_gid); \
}
#define PRIV_START {\
@@ -114,8 +90,8 @@ gid_t real_gid, effective_gid;
setregid(real_gid, effective_gid);
#define PRIV_END \
- setregid(effective_gid, real_gid); \
setreuid(effective_uid, real_uid); \
+ setregid(effective_gid, real_gid); \
}
#define REDUCE_PRIV(a,b) {\
@@ -123,6 +99,7 @@ gid_t real_gid, effective_gid;
setregid(real_gid, effective_gid); \
effective_uid = (a); \
effective_gid = (b); \
- SET_REAL_PRIV(a, b); \
+ setregid(effective_gid, real_gid); \
+ setreuid(effective_uid, real_uid); \
}
#endif
OpenPOWER on IntegriCloud