summaryrefslogtreecommitdiffstats
path: root/usr.bin/at/privs.h
Commit message (Collapse)AuthorAgeFilesLines
* - Switch order of setting real uid and gid. If we set uid first, then wegahr2013-04-121-1/+1
| | | | | | | | don't have enough privileges to set gid. This looks like a long standing bug, just recently revealed by r241852. Approved by: cognet
* Check the return error of set[ug]id. While this can never fail in theeadler2012-10-221-10/+10
| | | | | | | | | | | | | | current version of FreeBSD, this isn't guarenteed by the API. Custom security modules, or future implementations of the setuid and setgid may fail. PR: bin/172289 PR: bin/172290 PR: bin/172291 Submittud by: Erik Cederstrand <erik@cederstrand.dk> Discussed by: freebsd-security Approved by: cperciva MFC after: 1 week
* More -Wmissing-variable-declarations fixes.ed2012-10-191-7/+5
| | | | | | | | | | | | | | | | In addition to adding `static' where possible: - bin/date: Move `retval' into extern.h to make it visible to date.c. - bin/ed: Move globally used variables into ed.h. - sbin/camcontrol: Move `verbose' into camcontrol.h and fix shadow warnings. - usr.bin/calendar: Remove unneeded variables. - usr.bin/chat: Make `line' local instead of global. - usr.bin/elfdump: Comment out unneeded function. - usr.bin/rlogin: Use _Noreturn instead of __dead2. - usr.bin/tset: Pull `Ospeed' into extern.h. - usr.sbin/mfiutil: Put global variables in mfiutil.h. - usr.sbin/pkg: Remove unused `os_corres'. - usr.sbin/quotaon, usr.sbin/repquota: Remove unused `qfname'.
* Partially revert r227233.ed2011-11-061-2/+9
| | | | | | | | The privs.h header is not only used by at(1), it's also used by atrun(8). Just let the code the way it used to be (for now). Reported by: kwm, tinderbox Hat to: me
* Add missing static keywords to at(1).ed2011-11-061-9/+2
| | | | | | While there, tidy up the privs.h part, where at.c has to #define to declare some globals. Also group static and non-static global variables in at.c.
* SECURITY.ru2001-09-041-38/+33
| | | | | | | | | | | | | Fixed macros for temporarily relinquishing and restoring setuid/setgid privileges so that they never change the real user and group IDs of the calling process. The setre[ug]id() calls are still used in the REDUCE_PERM macro (with the r[ug]id arguments of -1) so that the call changes the saved user and group IDs of the process to that specified. Also, the panic() and perr() functions had insufficient privileges to delete the problematic file under /var/at.
* Correct use of .Nm, .Em, .Evcharnier1999-12-051-2/+4
| | | | | Add rcsid. Use errx instead of fprintf + exit. Various spelling fixes.
* Upgrade to 2.9ache1995-08-211-17/+23
|
* Remove trailing whitespace.rgrimes1995-05-301-3/+3
|
* Remove setre* hacks, we have working thing nowache1995-04-271-40/+17
|
* Fight over non-working setruidache1995-04-151-2/+10
|
* Upgrade.ache1995-04-121-28/+56
|
* Added at/atrm/atq/batch from Linux as hacked by Chris Demetriou.nate1994-01-051-0/+92
OpenPOWER on IntegriCloud