diff options
Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 23 |
1 files changed, 22 insertions, 1 deletions
@@ -39,7 +39,7 @@ | |||
39 | #include "pathnames.h" | 39 | #include "pathnames.h" |
40 | #include "log.h" | 40 | #include "log.h" |
41 | 41 | ||
42 | RCSID("$Id: entropy.c,v 1.29 2001/02/18 11:34:32 stevesk Exp $"); | 42 | RCSID("$Id: entropy.c,v 1.30 2001/02/26 09:49:59 djm Exp $"); |
43 | 43 | ||
44 | #ifndef offsetof | 44 | #ifndef offsetof |
45 | # define offsetof(type, member) ((size_t) &((type *)0)->member) | 45 | # define offsetof(type, member) ((size_t) &((type *)0)->member) |
@@ -825,13 +825,34 @@ void init_rng(void) | |||
825 | prng_seed_saved = 0; | 825 | prng_seed_saved = 0; |
826 | 826 | ||
827 | /* Give up privs while reading seed file */ | 827 | /* Give up privs while reading seed file */ |
828 | #ifdef SAVED_IDS_WORK_WITH_SETEUID | ||
828 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) | 829 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) |
829 | fatal("Couldn't give up privileges"); | 830 | fatal("Couldn't give up privileges"); |
831 | #else /* SAVED_IDS_WORK_WITH_SETEUID */ | ||
832 | /* | ||
833 | * Propagate the privileged uid to all of our uids. | ||
834 | * Set the effective uid to the given (unprivileged) uid. | ||
835 | */ | ||
836 | if (original_uid != original_euid && setuid(original_euid) == -1 || | ||
837 | seteuid(original_uid) == -1) | ||
838 | fatal("Couldn't give up privileges"); | ||
839 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ | ||
830 | 840 | ||
831 | prng_read_seedfile(); | 841 | prng_read_seedfile(); |
832 | 842 | ||
843 | #ifdef SAVED_IDS_WORK_WITH_SETEUID | ||
833 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) | 844 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) |
834 | fatal("Couldn't restore privileges"); | 845 | fatal("Couldn't restore privileges"); |
846 | #else /* SAVED_IDS_WORK_WITH_SETEUID */ | ||
847 | /* | ||
848 | * We are unable to restore the real uid to its unprivileged value. | ||
849 | * Propagate the real uid (usually more privileged) to effective uid | ||
850 | * as well. | ||
851 | */ | ||
852 | if (original_uid != original_euid && seteuid(original_euid) == -1 || | ||
853 | setuid(original_uid) == -1) | ||
854 | fatal("Couldn't restore privileges"); | ||
855 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ | ||
835 | 856 | ||
836 | fatal_add_cleanup(prng_seed_cleanup, NULL); | 857 | fatal_add_cleanup(prng_seed_cleanup, NULL); |
837 | atexit(prng_write_seedfile); | 858 | atexit(prng_write_seedfile); |