diff options
author | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-03-08 11:51:22 +0000 |
commit | 46961f5704f8e86cea3e99253faad55aef4d8f35 (patch) | |
tree | 0dd97fa4fb649a62b4639fe2674380872b1f3e98 /uidswap.c | |
parent | c753fe267efb1b027424fa8706cf0385fc3d14c1 (diff) | |
parent | 85e40e87a75fb80a0bf893ac05a417d6c353537d (diff) |
New upstream release (7.2).
Diffstat (limited to 'uidswap.c')
-rw-r--r-- | uidswap.c | 18 |
1 files changed, 12 insertions, 6 deletions
@@ -134,7 +134,7 @@ temporarily_use_uid(struct passwd *pw) | |||
134 | void | 134 | void |
135 | permanently_drop_suid(uid_t uid) | 135 | permanently_drop_suid(uid_t uid) |
136 | { | 136 | { |
137 | #ifndef HAVE_CYGWIN | 137 | #ifndef NO_UID_RESTORATION_TEST |
138 | uid_t old_uid = getuid(); | 138 | uid_t old_uid = getuid(); |
139 | #endif | 139 | #endif |
140 | 140 | ||
@@ -142,8 +142,14 @@ permanently_drop_suid(uid_t uid) | |||
142 | if (setresuid(uid, uid, uid) < 0) | 142 | if (setresuid(uid, uid, uid) < 0) |
143 | fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); | 143 | fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); |
144 | 144 | ||
145 | #ifndef HAVE_CYGWIN | 145 | #ifndef NO_UID_RESTORATION_TEST |
146 | /* Try restoration of UID if changed (test clearing of saved uid) */ | 146 | /* |
147 | * Try restoration of UID if changed (test clearing of saved uid). | ||
148 | * | ||
149 | * Note that we don't do this on Cygwin, or on Solaris-based platforms | ||
150 | * where fine-grained privileges are available (the user might be | ||
151 | * deliberately allowed the right to setuid back to root). | ||
152 | */ | ||
147 | if (old_uid != uid && | 153 | if (old_uid != uid && |
148 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) | 154 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |
149 | fatal("%s: was able to restore old [e]uid", __func__); | 155 | fatal("%s: was able to restore old [e]uid", __func__); |
@@ -199,7 +205,7 @@ restore_uid(void) | |||
199 | void | 205 | void |
200 | permanently_set_uid(struct passwd *pw) | 206 | permanently_set_uid(struct passwd *pw) |
201 | { | 207 | { |
202 | #ifndef HAVE_CYGWIN | 208 | #ifndef NO_UID_RESTORATION_TEST |
203 | uid_t old_uid = getuid(); | 209 | uid_t old_uid = getuid(); |
204 | gid_t old_gid = getgid(); | 210 | gid_t old_gid = getgid(); |
205 | #endif | 211 | #endif |
@@ -227,7 +233,7 @@ permanently_set_uid(struct passwd *pw) | |||
227 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) | 233 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) |
228 | fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); | 234 | fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
229 | 235 | ||
230 | #ifndef HAVE_CYGWIN | 236 | #ifndef NO_UID_RESTORATION_TEST |
231 | /* Try restoration of GID if changed (test clearing of saved gid) */ | 237 | /* Try restoration of GID if changed (test clearing of saved gid) */ |
232 | if (old_gid != pw->pw_gid && pw->pw_uid != 0 && | 238 | if (old_gid != pw->pw_gid && pw->pw_uid != 0 && |
233 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) | 239 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) |
@@ -241,7 +247,7 @@ permanently_set_uid(struct passwd *pw) | |||
241 | (u_int)pw->pw_gid); | 247 | (u_int)pw->pw_gid); |
242 | } | 248 | } |
243 | 249 | ||
244 | #ifndef HAVE_CYGWIN | 250 | #ifndef NO_UID_RESTORATION_TEST |
245 | /* Try restoration of UID if changed (test clearing of saved uid) */ | 251 | /* Try restoration of UID if changed (test clearing of saved uid) */ |
246 | if (old_uid != pw->pw_uid && | 252 | if (old_uid != pw->pw_uid && |
247 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) | 253 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |