- markus@cvs.openbsd.org 2006/06/06 10:20:20

[readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c] replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm
author: Damien Miller <djm@mindrot.org> 2006-06-13 13:05:15 +1000
committer: Damien Miller <djm@mindrot.org> 2006-06-13 13:05:15 +1000
commit: 6b4069ad563ce578cbfa6f90e76b462d26483e67 (patch)
tree: 777206b388f2ef12b83275d4aeb78e96cdea1bdd /sshconnect.h
parent: eb13e556e58a52a3ff0c734a8690ad41686cf92c (diff)
1 files changed, 13 insertions, 9 deletions
diff --git a/sshconnect.h b/sshconnect.h
index 3786ba56e..692d27567 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.19 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.20 2006/06/06 10:20:20 markus Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -54,16 +54,20 @@ int	 ssh_local_cmd(const char *);
 /*
 * Macros to raise/lower permissions.
 */
-#define PRIV_START do {                         \
+#define PRIV_START do {                                 \
-        int save_errno = errno;                 \
+        int save_errno = errno;                         \
-        (void)seteuid(original_effective_uid);  \
+        if (seteuid(original_effective_uid) != 0)       \
-        errno = save_errno;                     \
+                fatal("PRIV_START: seteuid: %s",        \
+                    strerror(errno));                   \
+        errno = save_errno;                             \
 } while (0)
-#define PRIV_END do {                           \
+#define PRIV_END do {                                   \
-        int save_errno = errno;                 \
+        int save_errno = errno;                         \
-        (void)seteuid(original_real_uid);       \
+        if (seteuid(original_real_uid) != 0)            \
-        errno = save_errno;                     \
+                fatal("PRIV_END: seteuid: %s",          \
+                    strerror(errno));                   \
+        errno = save_errno;                             \
 } while (0)
 #endif
author	Damien Miller <djm@mindrot.org>	2006-06-13 13:05:15 +1000
committer	Damien Miller <djm@mindrot.org>	2006-06-13 13:05:15 +1000
commit	6b4069ad563ce578cbfa6f90e76b462d26483e67 (patch)
tree	777206b388f2ef12b83275d4aeb78e96cdea1bdd /sshconnect.h
parent	eb13e556e58a52a3ff0c734a8690ad41686cf92c (diff)

diff --git a/sshconnect.h b/sshconnect.h index 3786ba56e..692d27567 100644 --- a/sshconnect.h +++ b/sshconnect.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshconnect.h,v 1.19 2006/03/25 22:22:43 djm Exp $ */	1	/* $OpenBSD: sshconnect.h,v 1.20 2006/06/06 10:20:20 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2000 Markus Friedl. All rights reserved.	4	* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -54,16 +54,20 @@ int ssh_local_cmd(const char *);
54	/*	54	/*
55	* Macros to raise/lower permissions.	55	* Macros to raise/lower permissions.
56	*/	56	*/
57	#define PRIV_START do { \	57	#define PRIV_START do { \
58	int save_errno = errno; \	58	int save_errno = errno; \
59	(void)seteuid(original_effective_uid); \	59	if (seteuid(original_effective_uid) != 0) \
60	errno = save_errno; \	60	fatal("PRIV_START: seteuid: %s", \
		61	strerror(errno)); \
		62	errno = save_errno; \
61	} while (0)	63	} while (0)
62		64
63	#define PRIV_END do { \	65	#define PRIV_END do { \
64	int save_errno = errno; \	66	int save_errno = errno; \
65	(void)seteuid(original_real_uid); \	67	if (seteuid(original_real_uid) != 0) \
66	errno = save_errno; \	68	fatal("PRIV_END: seteuid: %s", \
		69	strerror(errno)); \
		70	errno = save_errno; \
67	} while (0)	71	} while (0)
68		72
69	#endif	73	#endif