|
Lines 14-19
Link Here
|
| 14 |
|
14 |
|
| 15 |
#include "includes.h" |
15 |
#include "includes.h" |
| 16 |
|
16 |
|
|
|
17 |
#ifdef __INTERIX |
| 18 |
# include <interix/security.h> |
| 19 |
#endif |
| 20 |
|
| 17 |
#include <sys/param.h> |
21 |
#include <sys/param.h> |
| 18 |
#include <errno.h> |
22 |
#include <errno.h> |
| 19 |
#include <pwd.h> |
23 |
#include <pwd.h> |
|
Lines 81-86
Link Here
|
| 81 |
privileged = 1; |
85 |
privileged = 1; |
| 82 |
temporarily_use_uid_effective = 1; |
86 |
temporarily_use_uid_effective = 1; |
| 83 |
|
87 |
|
|
|
88 |
#ifndef __INTERIX |
| 84 |
saved_egroupslen = getgroups(0, NULL); |
89 |
saved_egroupslen = getgroups(0, NULL); |
| 85 |
if (saved_egroupslen < 0) |
90 |
if (saved_egroupslen < 0) |
| 86 |
fatal("getgroups: %.100s", strerror(errno)); |
91 |
fatal("getgroups: %.100s", strerror(errno)); |
|
Lines 116-121
Link Here
|
| 116 |
/* Set the effective uid to the given (unprivileged) uid. */ |
121 |
/* Set the effective uid to the given (unprivileged) uid. */ |
| 117 |
if (setgroups(user_groupslen, user_groups) < 0) |
122 |
if (setgroups(user_groupslen, user_groups) < 0) |
| 118 |
fatal("setgroups: %.100s", strerror(errno)); |
123 |
fatal("setgroups: %.100s", strerror(errno)); |
|
|
124 |
#endif |
| 119 |
#ifndef SAVED_IDS_WORK_WITH_SETEUID |
125 |
#ifndef SAVED_IDS_WORK_WITH_SETEUID |
| 120 |
/* Propagate the privileged gid to all of our gids. */ |
126 |
/* Propagate the privileged gid to all of our gids. */ |
| 121 |
if (setgid(getegid()) < 0) |
127 |
if (setgid(getegid()) < 0) |
|
Lines 153-159
Link Here
|
| 153 |
fatal("setuid %u: %.100s", (u_int)uid, strerror(errno)); |
159 |
fatal("setuid %u: %.100s", (u_int)uid, strerror(errno)); |
| 154 |
#endif |
160 |
#endif |
| 155 |
|
161 |
|
| 156 |
#ifndef HAVE_CYGWIN |
162 |
#if !defined(HAVE_CYGWIN) && !defined(__INTERIX) |
| 157 |
/* Try restoration of UID if changed (test clearing of saved uid) */ |
163 |
/* Try restoration of UID if changed (test clearing of saved uid) */ |
| 158 |
if (old_uid != uid && |
164 |
if (old_uid != uid && |
| 159 |
(setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |
165 |
(setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |
|
Lines 198-205
Link Here
|
| 198 |
setgid(getgid()); |
204 |
setgid(getgid()); |
| 199 |
#endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
205 |
#endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
| 200 |
|
206 |
|
|
|
207 |
#ifndef __INTERIX |
| 201 |
if (setgroups(saved_egroupslen, saved_egroups) < 0) |
208 |
if (setgroups(saved_egroupslen, saved_egroups) < 0) |
| 202 |
fatal("setgroups: %.100s", strerror(errno)); |
209 |
fatal("setgroups: %.100s", strerror(errno)); |
|
|
210 |
#endif |
| 203 |
temporarily_use_uid_effective = 0; |
211 |
temporarily_use_uid_effective = 0; |
| 204 |
} |
212 |
} |
| 205 |
|
213 |
|
|
Lines 220-225
Link Here
|
| 220 |
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, |
228 |
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, |
| 221 |
(u_int)pw->pw_gid); |
229 |
(u_int)pw->pw_gid); |
| 222 |
|
230 |
|
|
|
231 |
#ifdef __INTERIX |
| 232 |
if (strcmp(pw->pw_passwd, "*") == 0) { |
| 233 |
if (setuser(pw->pw_name, NULL, SU_COMPLETE)) |
| 234 |
fatal("setuser %.100s: %.100s", pw->pw_name, strerror(errno)); |
| 235 |
} else { |
| 236 |
if (setuser(pw->pw_name, pw->pw_passwd, SU_COMPLETE)) |
| 237 |
fatal("setuser %.100s: %.100s", pw->pw_name, strerror(errno)); |
| 238 |
} |
| 239 |
#else |
| 223 |
#if defined(HAVE_SETRESGID) && !defined(BROKEN_SETRESGID) |
240 |
#if defined(HAVE_SETRESGID) && !defined(BROKEN_SETRESGID) |
| 224 |
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) |
241 |
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) |
| 225 |
fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); |
242 |
fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); |
|
Lines 257-264
Link Here
|
| 257 |
if (setuid(pw->pw_uid) < 0) |
274 |
if (setuid(pw->pw_uid) < 0) |
| 258 |
fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
275 |
fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
| 259 |
#endif |
276 |
#endif |
|
|
277 |
#endif /* __INTERIX */ |
| 260 |
|
278 |
|
| 261 |
#ifndef HAVE_CYGWIN |
279 |
#if !defined(HAVE_CYGWIN) && !defined(__INTERIX) |
| 262 |
/* Try restoration of GID if changed (test clearing of saved gid) */ |
280 |
/* Try restoration of GID if changed (test clearing of saved gid) */ |
| 263 |
if (old_gid != pw->pw_gid && pw->pw_uid != 0 && |
281 |
if (old_gid != pw->pw_gid && pw->pw_uid != 0 && |
| 264 |
(setgid(old_gid) != -1 || setegid(old_gid) != -1)) |
282 |
(setgid(old_gid) != -1 || setegid(old_gid) != -1)) |
|
Lines 272-278
Link Here
|
| 272 |
(u_int)pw->pw_gid); |
290 |
(u_int)pw->pw_gid); |
| 273 |
} |
291 |
} |
| 274 |
|
292 |
|
| 275 |
#ifndef HAVE_CYGWIN |
293 |
#if !defined(HAVE_CYGWIN) && !defined(__INTERIX) |
| 276 |
/* Try restoration of UID if changed (test clearing of saved uid) */ |
294 |
/* Try restoration of UID if changed (test clearing of saved uid) */ |
| 277 |
if (old_uid != pw->pw_uid && |
295 |
if (old_uid != pw->pw_uid && |
| 278 |
(setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |
296 |
(setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |