From 4d5889bf5a86dbb4bf1e6e74640683f93e166e0e Mon Sep 17 00:00:00 2001
From: bitblt <bitblt@openbsd.org>
Date: Tue, 25 Mar 1997 21:51:43 +0000
Subject: [PATCH] config file paranoia

---
 kerberosIV/krb/get_admhst.c | 4 +++-
 kerberosIV/krb/get_krbhst.c | 4 +++-
 kerberosIV/krb/get_krbrlm.c | 4 +++-
 kerberosIV/krb/getrealm.c   | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/kerberosIV/krb/get_admhst.c b/kerberosIV/krb/get_admhst.c
index a1ea02d2af7..c5605db5fcf 100644
--- a/kerberosIV/krb/get_admhst.c
+++ b/kerberosIV/krb/get_admhst.c
@@ -63,7 +63,9 @@ krb_get_admhst(h, r, n)
 
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+        if (issetugid() == 0)
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/get_krbhst.c b/kerberosIV/krb/get_krbhst.c
index 3afd9bc3d5b..56c9bcea11f 100644
--- a/kerberosIV/krb/get_krbhst.c
+++ b/kerberosIV/krb/get_krbhst.c
@@ -71,7 +71,9 @@ krb_get_krbhst(h, r, n)
 
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+	if (issetugid() == 0)
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/get_krbrlm.c b/kerberosIV/krb/get_krbrlm.c
index 8d6d259bf91..a7963c3be47 100644
--- a/kerberosIV/krb/get_krbrlm.c
+++ b/kerberosIV/krb/get_krbrlm.c
@@ -54,7 +54,9 @@ krb_get_lrealm(r, n)
 
     if ((cnffile = fopen(KRB_CONF, "r")) == NULL) {
         char tbuf[128];
-        char *tdir = (char *) getenv("KRBCONFDIR");
+        char *tdir = NULL;
+	if (issetugid() == 0) 
+	   tdir = (char *) getenv("KRBCONFDIR");
         strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
         strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
diff --git a/kerberosIV/krb/getrealm.c b/kerberosIV/krb/getrealm.c
index 52d3427721b..0664b1f5c18 100644
--- a/kerberosIV/krb/getrealm.c
+++ b/kerberosIV/krb/getrealm.c
@@ -82,7 +82,9 @@ krb_realmofhost(host)
 
 	if ((trans_file = fopen(KRB_RLM_TRANS, "r")) == (FILE *) 0) {
 	        char tbuf[128];
-		char *tdir = (char *) getenv("KRBCONFDIR");
+		char *tdir = NULL;
+		if (issetugid() == 0) 
+			tdir = (char *) getenv("KRBCONFDIR");
 		strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
 		tbuf[sizeof(tbuf)-1] = '\0';
 		strncat(tbuf, "/krb.realms", sizeof(tbuf) - strlen(tbuf));
-- 
2.20.1