2 files changed, 16 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 4cf384c04..82288c998 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20001125
+ - (djm) Give up privs when reading seed file
+
 20001123
  - (bal) Merge OpenBSD changes:
    - markus@cvs.openbsd.org  2000/11/15 22:31:36
diff --git a/entropy.c b/entropy.c
index f4a655e04..2929c3fd7 100644
--- a/entropy.c
+++ b/entropy.c
@@ -35,7 +35,7 @@
 # include <floatingpoint.h>
 #endif /* HAVE_FLOATINGPOINT_H */
 
-RCSID("$Id: entropy.c,v 1.21 2000/10/16 09:13:43 djm Exp $");
+RCSID("$Id: entropy.c,v 1.22 2000/11/24 23:09:32 djm Exp $");
 
 #ifndef offsetof
 # define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -798,7 +798,10 @@ seed_rng(void)
 
 void init_rng(void) 
 {
+        int original_euid;
+        
         original_uid = getuid();
+        original_euid = geteuid();
 
         /* Read in collection commands */
         if (!prng_read_commands(SSH_PRNG_COMMAND_FILE))
@@ -806,7 +809,16 @@ void init_rng(void)
 
         /* Set ourselves up to save a seed upon exit */
         prng_seed_saved = 0;            
+
+        /* Give up privs while reading seed file */
+        if ((original_uid != original_euid) && (seteuid(original_uid) == -1))
+                fatal("Couldn't give up privileges");
+        
         prng_read_seedfile();
+
+        if ((original_uid != original_euid) && (seteuid(original_euid) == -1))
+                fatal("Couldn't restore privileges");
+
         fatal_add_cleanup(prng_seed_cleanup, NULL);
         atexit(prng_write_seedfile);