diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2018-08-28 10:47:58 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2018-08-28 10:47:58 +0000 |
| commit | d46065df2d60bfbd08939733bd79b2a440d6fbc8 (patch) | |
| tree | 720921fc9471de3c67f5b8dc1404c8f6c6a02cb1 /uidswap.c | |
| parent | 3d0e42005d3bf786341ab96cfa1788bc601faa12 (diff) | |
Notes
Diffstat (limited to 'uidswap.c')
| -rw-r--r-- | uidswap.c | 39 |
1 files changed, 6 insertions, 33 deletions
diff --git a/uidswap.c b/uidswap.c index 8bf6b244e5c79..49f76d818a81d 100644 --- a/uidswap.c +++ b/uidswap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.c,v 1.39 2015/06/24 01:49:19 dtucker Exp $ */ +/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -49,6 +49,7 @@ static gid_t saved_egid = 0; /* Saved effective uid. */ static int privileged = 0; static int temporarily_use_uid_effective = 0; +static uid_t user_groups_uid; static gid_t *saved_egroups = NULL, *user_groups = NULL; static int saved_egroupslen = -1, user_groupslen = -1; @@ -92,10 +93,11 @@ temporarily_use_uid(struct passwd *pw) fatal("getgroups: %.100s", strerror(errno)); } else { /* saved_egroupslen == 0 */ free(saved_egroups); + saved_egroups = NULL; } /* set and save the user's groups */ - if (user_groupslen == -1) { + if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) { if (initgroups(pw->pw_name, pw->pw_gid) < 0) fatal("initgroups: %s: %.100s", pw->pw_name, strerror(errno)); @@ -110,7 +112,9 @@ temporarily_use_uid(struct passwd *pw) fatal("getgroups: %.100s", strerror(errno)); } else { /* user_groupslen == 0 */ free(user_groups); + user_groups = NULL; } + user_groups_uid = pw->pw_uid; } /* Set the effective uid to the given (unprivileged) uid. */ if (setgroups(user_groupslen, user_groups) < 0) @@ -131,37 +135,6 @@ temporarily_use_uid(struct passwd *pw) strerror(errno)); } -void -permanently_drop_suid(uid_t uid) -{ -#ifndef NO_UID_RESTORATION_TEST - uid_t old_uid = getuid(); -#endif - - debug("permanently_drop_suid: %u", (u_int)uid); - if (setresuid(uid, uid, uid) < 0) - fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); - -#ifndef NO_UID_RESTORATION_TEST - /* - * Try restoration of UID if changed (test clearing of saved uid). - * - * Note that we don't do this on Cygwin, or on Solaris-based platforms - * where fine-grained privileges are available (the user might be - * deliberately allowed the right to setuid back to root). - */ - if (old_uid != uid && - (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) - fatal("%s: was able to restore old [e]uid", __func__); -#endif - - /* Verify UID drop was successful */ - if (getuid() != uid || geteuid() != uid) { - fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", - __func__, (u_int)getuid(), (u_int)geteuid(), (u_int)uid); - } -} - /* * Restores to the original (privileged) uid. */ |