diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | uidswap.c | 15 |
2 files changed, 14 insertions, 6 deletions
| @@ -26,6 +26,9 @@ | |||
| 26 | [sshd.c] | 26 | [sshd.c] |
| 27 | utmp_len is unsigned; display error consistent with other options. | 27 | utmp_len is unsigned; display error consistent with other options. |
| 28 | ok markus@ | 28 | ok markus@ |
| 29 | - stevesk@cvs.openbsd.org 2002/07/15 17:15:31 | ||
| 30 | [uidswap.c] | ||
| 31 | little more debugging; ok markus@ | ||
| 29 | 32 | ||
| 30 | 20020722 | 33 | 20020722 |
| 31 | - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk | 34 | - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk |
| @@ -1449,4 +1452,4 @@ | |||
| 1449 | - (stevesk) entropy.c: typo in debug message | 1452 | - (stevesk) entropy.c: typo in debug message |
| 1450 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1453 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
| 1451 | 1454 | ||
| 1452 | $Id: ChangeLog,v 1.2402 2002/07/23 21:15:13 mouring Exp $ | 1455 | $Id: ChangeLog,v 1.2403 2002/07/23 21:29:49 mouring Exp $ |
| @@ -12,7 +12,7 @@ | |||
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include "includes.h" | 14 | #include "includes.h" |
| 15 | RCSID("$OpenBSD: uidswap.c,v 1.22 2002/05/28 21:24:00 stevesk Exp $"); | 15 | RCSID("$OpenBSD: uidswap.c,v 1.23 2002/07/15 17:15:31 stevesk Exp $"); |
| 16 | 16 | ||
| 17 | #include "log.h" | 17 | #include "log.h" |
| 18 | #include "uidswap.h" | 18 | #include "uidswap.h" |
| @@ -52,8 +52,9 @@ temporarily_use_uid(struct passwd *pw) | |||
| 52 | #ifdef SAVED_IDS_WORK_WITH_SETEUID | 52 | #ifdef SAVED_IDS_WORK_WITH_SETEUID |
| 53 | saved_euid = geteuid(); | 53 | saved_euid = geteuid(); |
| 54 | saved_egid = getegid(); | 54 | saved_egid = getegid(); |
| 55 | debug("temporarily_use_uid: %u/%u (e=%u)", | 55 | debug("temporarily_use_uid: %u/%u (e=%u/%u)", |
| 56 | (u_int)pw->pw_uid, (u_int)pw->pw_gid, (u_int)saved_euid); | 56 | (u_int)pw->pw_uid, (u_int)pw->pw_gid, |
| 57 | (u_int)saved_euid, (u_int)saved_egid); | ||
| 57 | if (saved_euid != 0) { | 58 | if (saved_euid != 0) { |
| 58 | privileged = 0; | 59 | privileged = 0; |
| 59 | return; | 60 | return; |
| @@ -105,13 +106,15 @@ temporarily_use_uid(struct passwd *pw) | |||
| 105 | void | 106 | void |
| 106 | restore_uid(void) | 107 | restore_uid(void) |
| 107 | { | 108 | { |
| 108 | debug("restore_uid"); | ||
| 109 | /* it's a no-op unless privileged */ | 109 | /* it's a no-op unless privileged */ |
| 110 | if (!privileged) | 110 | if (!privileged) { |
| 111 | debug("restore_uid: (unprivileged)"); | ||
| 111 | return; | 112 | return; |
| 113 | } | ||
| 112 | if (!temporarily_use_uid_effective) | 114 | if (!temporarily_use_uid_effective) |
| 113 | fatal("restore_uid: temporarily_use_uid not effective"); | 115 | fatal("restore_uid: temporarily_use_uid not effective"); |
| 114 | 116 | ||
| 117 | debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid); | ||
| 115 | #ifdef SAVED_IDS_WORK_WITH_SETEUID | 118 | #ifdef SAVED_IDS_WORK_WITH_SETEUID |
| 116 | /* Set the effective uid back to the saved privileged uid. */ | 119 | /* Set the effective uid back to the saved privileged uid. */ |
| 117 | if (seteuid(saved_euid) < 0) | 120 | if (seteuid(saved_euid) < 0) |
| @@ -142,6 +145,8 @@ permanently_set_uid(struct passwd *pw) | |||
| 142 | { | 145 | { |
| 143 | if (temporarily_use_uid_effective) | 146 | if (temporarily_use_uid_effective) |
| 144 | fatal("permanently_set_uid: temporarily_use_uid effective"); | 147 | fatal("permanently_set_uid: temporarily_use_uid effective"); |
| 148 | debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, | ||
| 149 | (u_int)pw->pw_gid); | ||
| 145 | if (setgid(pw->pw_gid) < 0) | 150 | if (setgid(pw->pw_gid) < 0) |
| 146 | fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); | 151 | fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); |
| 147 | if (setuid(pw->pw_uid) < 0) | 152 | if (setuid(pw->pw_uid) < 0) |