From 4bd36bfb4bb3f57d4aecf1e66909b270f3cfef5c Mon Sep 17 00:00:00 2001 From: tholo Date: Sun, 22 Dec 1996 02:57:49 +0000 Subject: [PATCH] Deal with _POSIX_SAVED_IDS when relinquishing privileges --- bin/ksh/misc.c | 4 +++- bin/pdksh/misc.c | 4 +++- bin/ps/ps.c | 8 +++++--- bin/rcp/rcp.c | 5 ++++- bin/rcp/util.c | 5 +++-- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/bin/ksh/misc.c b/bin/ksh/misc.c index dcbd8130b18..5108389f6bf 100644 --- a/bin/ksh/misc.c +++ b/bin/ksh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.2 1996/08/19 20:08:57 downsj Exp $ */ +/* $OpenBSD: misc.c,v 1.3 1996/12/22 02:57:49 tholo Exp $ */ /* * Miscellaneous functions @@ -308,7 +308,9 @@ change_flag(f, what, newval) #ifdef OS2 ; #else /* OS2 */ + seteuid(getuid()); setuid(getuid()); + setegid(getgid()); setgid(getgid()); #endif /* OS2 */ } else if (f == FPOSIX && newval) { diff --git a/bin/pdksh/misc.c b/bin/pdksh/misc.c index dcbd8130b18..5108389f6bf 100644 --- a/bin/pdksh/misc.c +++ b/bin/pdksh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.2 1996/08/19 20:08:57 downsj Exp $ */ +/* $OpenBSD: misc.c,v 1.3 1996/12/22 02:57:49 tholo Exp $ */ /* * Miscellaneous functions @@ -308,7 +308,9 @@ change_flag(f, what, newval) #ifdef OS2 ; #else /* OS2 */ + seteuid(getuid()); setuid(getuid()); + setegid(getgid()); setgid(getgid()); #endif /* OS2 */ } else if (f == FPOSIX && newval) { diff --git a/bin/ps/ps.c b/bin/ps/ps.c index 6e4b70e89b5..9d7d64e3da3 100644 --- a/bin/ps/ps.c +++ b/bin/ps/ps.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ps.c,v 1.6 1996/12/14 12:18:10 mickey Exp $ */ +/* $OpenBSD: ps.c,v 1.7 1996/12/22 02:57:50 tholo Exp $ */ /* $NetBSD: ps.c,v 1.15 1995/05/18 20:33:25 mycroft Exp $ */ /*- @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)ps.c 8.4 (Berkeley) 4/2/94"; #else -static char rcsid[] = "$OpenBSD: ps.c,v 1.6 1996/12/14 12:18:10 mickey Exp $"; +static char rcsid[] = "$OpenBSD: ps.c,v 1.7 1996/12/22 02:57:50 tholo Exp $"; #endif #endif /* not lint */ @@ -267,8 +267,10 @@ main(argc, argv) * Discard setgid privileges if not the running kernel so that bad * guys can't print interesting stuff from kernel memory. */ - if (nlistf != NULL || memf != NULL || swapf != NULL) + if (nlistf != NULL || memf != NULL || swapf != NULL) { + setegid(getgid()); setgid(getgid()); + } kd = kvm_openfiles(nlistf, memf, swapf, O_RDONLY, errbuf); if (kd == 0) diff --git a/bin/rcp/rcp.c b/bin/rcp/rcp.c index c2383c34fa2..39112c5d95f 100644 --- a/bin/rcp/rcp.c +++ b/bin/rcp/rcp.c @@ -1,5 +1,5 @@ /* $NetBSD: rcp.c,v 1.9 1995/03/21 08:19:06 cgd Exp $ */ -/* $OpenBSD: rcp.c,v 1.7 1996/12/14 12:18:13 mickey Exp $ */ +/* $OpenBSD: rcp.c,v 1.8 1996/12/22 02:57:51 tholo Exp $ */ /* * Copyright (c) 1983, 1990, 1992, 1993 @@ -189,12 +189,14 @@ main(argc, argv) if (fflag) { /* Follow "protocol", send data. */ (void)response(); + (void)seteuid(userid); (void)setuid(userid); source(argc, argv); exit(errs); } if (tflag) { /* Receive data. */ + (void)seteuid(userid); (void)setuid(userid); sink(argc, argv); exit(errs); @@ -313,6 +315,7 @@ toremote(targ, argc, argv) if (response() < 0) exit(1); (void)free(bp); + (void)seteuid(userid); (void)setuid(userid); } source(1, argv+i); diff --git a/bin/rcp/util.c b/bin/rcp/util.c index aebe3b257ca..eeeaeac31ad 100644 --- a/bin/rcp/util.c +++ b/bin/rcp/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.3 1996/09/03 09:35:31 deraadt Exp $ */ +/* $OpenBSD: util.c,v 1.4 1996/12/22 02:57:52 tholo Exp $ */ /* $NetBSD: util.c,v 1.2 1995/03/21 08:19:08 cgd Exp $ */ /*- @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)util.c 8.2 (Berkeley) 4/2/94"; #else -static char rcsid[] = "$OpenBSD: util.c,v 1.3 1996/09/03 09:35:31 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: util.c,v 1.4 1996/12/22 02:57:52 tholo Exp $"; #endif #endif /* not lint */ @@ -122,6 +122,7 @@ susystem(s, userid) return (127); case 0: + (void)seteuid(userid); (void)setuid(userid); execl(_PATH_BSHELL, "sh", "-c", s, NULL); _exit(127); -- 2.20.1