Deal with _POSIX_SAVED_IDS when relinquishing privileges

diff --git a/sbin/ccdconfig/ccdconfig.c b/sbin/ccdconfig/ccdconfig.c
index a1d4eca..3e2964b 100644 (file)
--- a/sbin/ccdconfig/ccdconfig.c
+++ b/sbin/ccdconfig/ccdconfig.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ccdconfig.c,v 1.5 1996/05/30 09:11:20 deraadt Exp $   */
+/*     $OpenBSD: ccdconfig.c,v 1.6 1996/12/22 03:00:47 deraadt Exp $   */
 /*     $NetBSD: ccdconfig.c,v 1.6 1996/05/16 07:11:18 thorpej Exp $    */
 
 /*-
@@ -168,8 +168,10 @@ main(argc, argv)
         * Discard setgid privileges if not the running kernel so that bad
         * guys can't print interesting stuff from kernel memory.
         */
-       if (core != NULL || kernel != NULL)
+       if (core != NULL || kernel != NULL) {
+               setegid(getgid());
                setgid(getgid());
+       }
 
        switch (action) {
                case CCD_CONFIG:

diff --git a/sbin/dmesg/dmesg.c b/sbin/dmesg/dmesg.c
index ad9e138..1782a13 100644 (file)
--- a/sbin/dmesg/dmesg.c
+++ b/sbin/dmesg/dmesg.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: dmesg.c,v 1.2 1996/06/23 14:30:08 deraadt Exp $       */
+/*     $OpenBSD: dmesg.c,v 1.3 1996/12/22 03:00:49 deraadt Exp $       */
 /*     $NetBSD: dmesg.c,v 1.8 1995/03/18 14:54:49 cgd Exp $    */
 
 /*-
@@ -44,7 +44,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)dmesg.c    8.1 (Berkeley) 6/5/93";
 #else
-static char rcsid[] = "$OpenBSD: dmesg.c,v 1.2 1996/06/23 14:30:08 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: dmesg.c,v 1.3 1996/12/22 03:00:49 deraadt Exp $";
 #endif
 #endif /* not lint */
 
@@ -105,8 +105,10 @@ main(argc, argv)
         * Discard setgid privileges if not the running kernel so that bad
         * guys can't print interesting stuff from kernel memory.
         */
-       if (memf != NULL || nlistf != NULL)
+       if (memf != NULL || nlistf != NULL) {
+               setegid(getgid());
                setgid(getgid());
+       }
 
        /* Read in kernel message buffer, do sanity checks. */
        if ((kd = kvm_open(nlistf, memf, NULL, O_RDONLY, "dmesg")) == NULL)

diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c
index ea78678..c60f7b9 100644 (file)
--- a/sbin/ping/ping.c
+++ b/sbin/ping/ping.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ping.c,v 1.11 1996/12/14 15:35:26 deraadt Exp $       */
+/*     $OpenBSD: ping.c,v 1.12 1996/12/22 03:00:52 deraadt Exp $       */
 /*     $NetBSD: ping.c,v 1.20 1995/08/11 22:37:58 cgd Exp $    */
 
 /*
@@ -47,7 +47,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)ping.c     8.1 (Berkeley) 6/5/93";
 #else
-static char rcsid[] = "$OpenBSD: ping.c,v 1.11 1996/12/14 15:35:26 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: ping.c,v 1.12 1996/12/22 03:00:52 deraadt Exp $";
 #endif
 #endif /* not lint */
 
@@ -199,6 +199,7 @@ main(argc, argv)
                err(1, "socket");
 
        /* revoke privs */
+       seteuid(getuid());
        setuid(getuid());
 
        preload = 0;

diff --git a/sbin/route/route.c b/sbin/route/route.c
index 918e80b..bf64254 100644 (file)
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: route.c,v 1.15 1996/12/14 18:41:37 deraadt Exp $      */
+/*     $OpenBSD: route.c,v 1.16 1996/12/22 03:00:53 deraadt Exp $      */
 /*     $NetBSD: route.c,v 1.16 1996/04/15 18:27:05 cgd Exp $   */
 
 /*
@@ -44,7 +44,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)route.c    8.3 (Berkeley) 3/19/94";
 #else
-static char rcsid[] = "$OpenBSD: route.c,v 1.15 1996/12/14 18:41:37 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: route.c,v 1.16 1996/12/22 03:00:53 deraadt Exp $";
 #endif
 #endif /* not lint */
 
@@ -174,6 +174,7 @@ main(argc, argv)
                s = open("/dev/null", O_WRONLY, 0);
        else
                s = socket(PF_ROUTE, SOCK_RAW, 0);
+       seteuid(uid);
        setuid(uid);
        if (s < 0)
                quit("socket");