Convert setuid/setgid users to xsetuid/xsetgid.

Rob Landley 2006-07-16 08:06:34 +00:00
parent 25c194fd19
commit afb94ecf2b
6 changed files with 12 additions and 16 deletions


@ -227,10 +227,7 @@ int passwd_main(int argc, char **argv)
signal(SIGINT, SIG_IGN); signal(SIGINT, SIG_IGN);
signal(SIGQUIT, SIG_IGN); signal(SIGQUIT, SIG_IGN);
umask(077); umask(077);
if (setuid(0)) { xsetuid(0);
syslog(LOG_ERR, "can't setuid(0)");
bb_error_msg_and_die( "Cannot change ID to root.\n");
}
if (!update_passwd(pw, crypt_passwd)) { if (!update_passwd(pw, crypt_passwd)) {
syslog(LOG_INFO, "password for `%s' changed by user `%s'", name, syslog(LOG_INFO, "password for `%s' changed by user `%s'", name,
myname); myname);
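Review bot: The explicit `syslog(LOG_ERR, "can't setuid(0)")` record disappears with the switch to `xsetuid(0)` in passwd_main, so a failed switch to root may no longer leave an audit entry. xsetuid is not defined on this page; presumably it prints to stderr and exits, which the user running passwd sees but a log reviewer does not. If that is the case, either keep the syslog call on the failure path or add a comment such as `/* xsetuid() dies on failure; the failure is reported on stderr only */` so the change in logging is visibly deliberate. passwd_main's body continues outside the hunk.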


@ -262,7 +262,8 @@ int arping_main(int argc, char **argv)
s = socket(PF_PACKET, SOCK_DGRAM, 0); s = socket(PF_PACKET, SOCK_DGRAM, 0);
ifindex = errno; ifindex = errno;
setuid(getuid()); // Drop suid root privileges
xsetuid(getuid());
{ {
unsigned long opt; unsigned long opt;
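Review bot: Only the user ID is dropped after the socket is opened in arping_main (`xsetuid(getuid());`), while traceroute_main in this same commit drops the group first with `xsetgid(getgid());`. If the applet can be installed with the set-group-ID bit, the group privilege would be kept for the rest of the run; adding `xsetgid(getgid());` on the line before `xsetuid(getuid());` makes the applets consistent. The same applies to the etherwake_main hunk. Both function bodies continue outside their hunks.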


@ -145,7 +145,7 @@ int etherwake_main(int argc, char *argv[])
s = make_socket(); s = make_socket();
/* now that we have a raw socket we can drop root */ /* now that we have a raw socket we can drop root */
setuid(getuid()); xsetuid(getuid());
/* look up the dest mac address */ /* look up the dest mac address */
get_dest_addr(argv[optind], &eaddr); get_dest_addr(argv[optind], &eaddr);


@ -159,8 +159,8 @@ static int godaemon(void)
close(0); close(0);
inetbind(); inetbind();
if (setgid(nogrp)) bb_error_msg_and_die("Could not setgid()"); xsetgid(nogrp);
if (setuid(nobody)) bb_error_msg_and_die("Could not setuid()"); xsetuid(nobody);
close(1); close(1);
close(2); close(2);
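Review bot: The supplementary group list is not cleared before `xsetgid(nogrp); xsetuid(nobody);` in godaemon, so a daemon started by root would keep root's supplementary groups after the switch to nobody, unless that is done outside the hunk. Calling setgroups ahead of the two calls closes this, for example `if (setgroups(0, NULL)) bb_perror_msg_and_die("setgroups");`. godaemon's body starts and ends outside the hunk.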


@ -1513,11 +1513,11 @@ inetd_main (int argc, char *argv[])
if (sep->se_group) { if (sep->se_group) {
pwd->pw_gid = grp->gr_gid; pwd->pw_gid = grp->gr_gid;
} }
setgid ((gid_t) pwd->pw_gid); xsetgid ((gid_t) pwd->pw_gid);
initgroups (pwd->pw_name, pwd->pw_gid); initgroups (pwd->pw_name, pwd->pw_gid);
setuid ((uid_t) pwd->pw_uid); xsetuid((uid_t) pwd->pw_uid);
} else if (sep->se_group) { } else if (sep->se_group) {
setgid (grp->gr_gid); xsetgid(grp->gr_gid);
setgroups (1, &grp->gr_gid); setgroups (1, &grp->gr_gid);
} }
dup2 (ctrl, 0); dup2 (ctrl, 0);
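Review bot: `initgroups (pwd->pw_name, pwd->pw_gid);` and `setgroups (1, &grp->gr_gid);` are still called without checking their results, although the setgid/setuid calls around them now fail hard. If either call fails, the service is started with whatever supplementary groups inetd itself holds. Check both the same way, for example `if (initgroups(pwd->pw_name, pwd->pw_gid)) bb_perror_msg_and_die("initgroups");` and `if (setgroups(1, &grp->gr_gid)) bb_perror_msg_and_die("setgroups");`. The enclosing block in inetd_main starts and ends outside the hunk.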


@ -941,7 +941,6 @@ traceroute_main(int argc, char *argv[])
#endif #endif
u_short off = 0; u_short off = 0;
struct IFADDRLIST *al; struct IFADDRLIST *al;
int uid = getuid();
char *device = NULL; char *device = NULL;
int max_ttl = 30; int max_ttl = 30;
char *max_ttl_str = NULL; char *max_ttl_str = NULL;
@ -1010,8 +1009,7 @@ traceroute_main(int argc, char *argv[])
* set the ip source address of the outbound * set the ip source address of the outbound
* probe (e.g., on a multi-homed host). * probe (e.g., on a multi-homed host).
*/ */
if (uid) if (getuid()) bb_error_msg_and_die("-s %s: Permission denied", source);
bb_error_msg_and_die("-s %s: Permission denied", source);
} }
if(waittime_str) if(waittime_str)
waittime = str2val(waittime_str, "wait time", 2, 24 * 60 * 60); waittime = str2val(waittime_str, "wait time", 2, 24 * 60 * 60);
@ -1160,8 +1158,8 @@ traceroute_main(int argc, char *argv[])
sizeof(on)); sizeof(on));
/* Revert to non-privileged user after opening sockets */ /* Revert to non-privileged user after opening sockets */
setgid(getgid()); xsetgid(getgid());
setuid(uid); xsetuid(getuid());
outip = (struct ip *)xcalloc(1, (unsigned)packlen); outip = (struct ip *)xcalloc(1, (unsigned)packlen);