When opening the file to broadcast, do it with the user's gid, not the
egid (tty). Obtained from: OpenBSD Submitted by: Maxime Henrion <mux@qualys.com> Reviewed by: imp
This commit is contained in:
parent
724682d233
commit
a47f98edb4
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=76367
@ -189,6 +189,7 @@ makemsg(char *fname)
|
|||||||
int fd;
|
int fd;
|
||||||
char *p, *tty, hostname[MAXHOSTNAMELEN], lbuf[256], tmpname[64];
|
char *p, *tty, hostname[MAXHOSTNAMELEN], lbuf[256], tmpname[64];
|
||||||
const char *whom;
|
const char *whom;
|
||||||
|
gid_t egid;
|
||||||
|
|
||||||
(void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP);
|
(void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP);
|
||||||
if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+")))
|
if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+")))
|
||||||
@ -225,8 +226,13 @@ makemsg(char *fname)
|
|||||||
}
|
}
|
||||||
(void)fprintf(fp, "%79s\r\n", " ");
|
(void)fprintf(fp, "%79s\r\n", " ");
|
||||||
|
|
||||||
if (fname && !(freopen(fname, "r", stdin)))
|
if (fname) {
|
||||||
err(1, "can't read %s", fname);
|
egid = getegid();
|
||||||
|
setegid(getgid());
|
||||||
|
if (freopen(fname, "r", stdin) == NULL)
|
||||||
|
err(1, "can't read %s", fname);
|
||||||
|
setegid(egid);
|
||||||
|
}
|
||||||
while (fgets(lbuf, sizeof(lbuf), stdin))
|
while (fgets(lbuf, sizeof(lbuf), stdin))
|
||||||
for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) {
|
for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) {
|
||||||
if (ch == '\r') {
|
if (ch == '\r') {
|
||||||
|
Loading…
Reference in New Issue
Block a user