diff options
author | Paul Jakma <paul.jakma@sun.com> | 2006-03-30 13:25:52 +0000 |
---|---|---|
committer | Paul Jakma <paul.jakma@sun.com> | 2006-03-30 13:25:52 +0000 |
commit | 924f9d32d9c42d6861f19bae795c48b48c83af23 (patch) | |
tree | e0fe7af931c30d337c1dec84bff8dfb97fa146bf /lib | |
parent | cbdfbaa51b600c7b217968b99a9b5a8fbf04bec4 (diff) |
[lib/privs] Changing user IDs should be done before dropping privileges
2006-03-14 Paul Jakma <paul.jakma@sun.com>
* privs.c: (zprivs_caps_init) Change user IDs before lowering
privileges, while this seems to work on Linux, on Solaris
it rightfully refuses due to PRIV_PROC_SETID having been
dropped.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ChangeLog | 7 | ||||
-rw-r--r-- | lib/privs.c | 38 |
2 files changed, 27 insertions, 18 deletions
diff --git a/lib/ChangeLog b/lib/ChangeLog index 34c79e40..8794d69e 100644 --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,3 +1,10 @@ +2006-03-14 Paul Jakma <paul.jakma@sun.com> + + * privs.c: (zprivs_caps_init) Change user IDs before lowering + privileges, while this seems to work on Linux, on Solaris + it rightfully refuses due to PRIV_PROC_SETID having been + dropped. + 2006-03-06 Paul Jakma <paul.jakma@sun.com> * if.h: export show_address_cmd, for anyone who wishes to use diff --git a/lib/privs.c b/lib/privs.c index 8ed39f4f..f4117e26 100644 --- a/lib/privs.c +++ b/lib/privs.c @@ -249,13 +249,6 @@ zprivs_caps_init (struct zebra_privs_t *zprivs) "but no capabilities supplied\n"); } - if ( !(zprivs_state.caps = cap_init()) ) - { - fprintf (stderr, "privs_init: failed to cap_init, %s\n", - safe_strerror (errno)); - exit (1); - } - /* we have caps, we have no need to ever change back the original user */ if (zprivs_state.zuid) { @@ -267,6 +260,13 @@ zprivs_caps_init (struct zebra_privs_t *zprivs) } } + if ( !(zprivs_state.caps = cap_init()) ) + { + fprintf (stderr, "privs_init: failed to cap_init, %s\n", + safe_strerror (errno)); + exit (1); + } + if ( cap_clear (zprivs_state.caps) ) { fprintf (stderr, "privs_init: failed to cap_clear, %s\n", @@ -483,6 +483,19 @@ zprivs_caps_init (struct zebra_privs_t *zprivs) /* need either valid or empty sets for both p and i.. */ assert (zprivs_state.syscaps_i && zprivs_state.syscaps_p); + /* we have caps, we have no need to ever change back the original user + * change real, effective and saved to the specified user. + */ + if (zprivs_state.zuid) + { + if ( setreuid (zprivs_state.zuid, zprivs_state.zuid) ) + { + fprintf (stderr, "%s: could not setreuid, %s\n", + __func__, safe_strerror (errno)); + exit (1); + } + } + /* set the permitted set */ if (setppriv (PRIV_SET, PRIV_PERMITTED, zprivs_state.syscaps_p)) { @@ -499,17 +512,6 @@ zprivs_caps_init (struct zebra_privs_t *zprivs) exit (1); } - /* we have caps, we have no need to ever change back the original user */ - if (zprivs_state.zuid) - { - if ( setreuid (zprivs_state.zuid, zprivs_state.zuid) ) - { - fprintf (stderr, "%s: could not setreuid, %s\n", - __func__, safe_strerror (errno)); - exit (1); - } - } - /* now clear the effective set and we're ready to go */ if (setppriv (PRIV_SET, PRIV_EFFECTIVE, empty)) { |