kill setuid, fix setgid hole

diff --git a/sbin/dump/Makefile b/sbin/dump/Makefile
index a3a170e..5a97b92 100644 (file)
--- a/sbin/dump/Makefile
+++ b/sbin/dump/Makefile
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile,v 1.2 1996/06/23 14:30:09 deraadt Exp $
+#      $OpenBSD: Makefile,v 1.3 1996/09/01 15:31:01 deraadt Exp $
 #      $NetBSD: Makefile,v 1.16 1995/03/18 14:54:53 cgd Exp $
 
 #      dump.h                  header file
@@ -17,9 +17,8 @@ PROG= dump
 LINKS= ${BINDIR}/dump ${BINDIR}/rdump
 CFLAGS+=-DRDUMP
 SRCS=  itime.c main.c optr.c dumprmt.c tape.c traverse.c unctime.c
-BINOWN=        root
 BINGRP=        tty
-BINMODE=6555
+BINMODE=2555
 MAN=   dump.8
 MLINKS+=dump.8 rdump.8
 

diff --git a/sbin/dump/dumprmt.c b/sbin/dump/dumprmt.c
index 39f6098..3bce334 100644 (file)
--- a/sbin/dump/dumprmt.c
+++ b/sbin/dump/dumprmt.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: dumprmt.c,v 1.3 1996/08/06 17:02:06 deraadt Exp $     */
+/*     $OpenBSD: dumprmt.c,v 1.4 1996/09/01 15:31:02 deraadt Exp $     */
 /*     $NetBSD: dumprmt.c,v 1.10 1996/03/15 22:39:26 scottr Exp $      */
 
 /*-
@@ -91,8 +91,6 @@ static        void rmtgets __P((char *, int));
 static int rmtreply __P((char *));
 
 extern int ntrec;              /* blocking factor on tape */
-extern uid_t uid;              /* real uid */
-extern uid_t euid;             /* effective uid */
 
 int
 rmthost(host)
@@ -148,10 +146,8 @@ rmtgetconn()
        } else
                tuser = pwd->pw_name;
 
-       (void) seteuid(euid);
        rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name, tuser,
            _PATH_RMT, (int *)0);
-       (void) setuid(uid);     /* Just to be Really Really safe */
 
        size = ntrec * TP_BSIZE;
        if (size > 60 * 1024)           /* XXX */

diff --git a/sbin/dump/main.c b/sbin/dump/main.c
index 6c7dec8..b319c63 100644 (file)
--- a/sbin/dump/main.c
+++ b/sbin/dump/main.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: main.c,v 1.7 1996/08/10 22:26:47 deraadt Exp $        */
+/*     $OpenBSD: main.c,v 1.8 1996/09/01 15:31:02 deraadt Exp $        */
 /*     $NetBSD: main.c,v 1.8 1996/03/15 22:39:32 scottr Exp $  */
 
 /*-
@@ -89,8 +89,7 @@ int   cartridge = 0;  /* Assume non-cartridge tape */
 long   dev_bsize = 1;  /* recalculated below */
 long   blocksperfile;  /* output blocks per file */
 char   *host = NULL;   /* remote host (if any) */
-uid_t  uid;            /* real uid */
-uid_t  euid;           /* effective uid */
+gid_t  gid, egid;      /* real, effective gid */
 
 static long numarg __P((char *, long, long));
 static void obsolete __P((int *, char **[]));
@@ -110,9 +109,9 @@ main(argc, argv)
        int i, anydirskipped, bflag = 0, Tflag = 0, honorlevel = 1;
        ino_t maxino;
 
-       uid = getuid();
-       euid = geteuid();
-       (void) seteuid(uid);
+       gid = getgid();
+       egid = getegid();
+       setegid(gid);
 
        spcl.c_date = 0;
        (void)time((time_t *)&spcl.c_date);
@@ -251,7 +250,6 @@ main(argc, argv)
                exit(X_ABORT);
 #endif
        }
-       (void) setuid(uid); /* rmthost() is the only reason to be setuid */
 
        if (signal(SIGHUP, SIG_IGN) != SIG_IGN)
                signal(SIGHUP, sig);

diff --git a/sbin/dump/optr.c b/sbin/dump/optr.c
index 6147b67..8364462 100644 (file)
--- a/sbin/dump/optr.c
+++ b/sbin/dump/optr.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: optr.c,v 1.8 1996/09/01 15:30:18 deraadt Exp $        */
+/*     $OpenBSD: optr.c,v 1.9 1996/09/01 15:31:03 deraadt Exp $        */
 /*     $NetBSD: optr.c,v 1.4 1996/05/18 16:16:17 jtk Exp $     */
 
 /*-
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)optr.c     8.2 (Berkeley) 1/6/94";
 #else
-static char rcsid[] = "$OpenBSD: optr.c,v 1.8 1996/09/01 15:30:18 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: optr.c,v 1.9 1996/09/01 15:31:03 deraadt Exp $";
 #endif
 #endif /* not lint */
 
@@ -72,6 +72,8 @@ void  alarmcatch __P((/* int, int */));
 int    datesort __P((const void *, const void *));
 static void sendmes __P((char *, char *));
 
+extern gid_t gid, egid;
+
 /*
  *     Query the operator; This previously-fascist piece of code
  *     no longer requires an exact response.
@@ -272,6 +274,7 @@ sendmes(tty, message)
        (void) strcpy(t, _PATH_DEV);
        (void) strncat(t, tty, sizeof t - strlen(_PATH_DEV));
 
+       setegid(egid);
        if ((f_tty = fopen(t, "w")) != NULL) {
                setbuf(f_tty, buf);
                (void) fprintf(f_tty,
@@ -295,6 +298,7 @@ DUMP: NEEDS ATTENTION: ",
                }
                (void) fclose(f_tty);
        }
+       setegid(gid);
 }
 
 /*