When opening the file to broadcast, do it with the user's gid, not the
egid (tty). Obtained from: OpenBSD Submitted by: Maxime Henrion <mux@qualys.com> Reviewed by: imp
This commit is contained in:
parent
724682d233
commit
a47f98edb4
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=76367
@ -189,6 +189,7 @@ makemsg(char *fname)
|
||||
int fd;
|
||||
char *p, *tty, hostname[MAXHOSTNAMELEN], lbuf[256], tmpname[64];
|
||||
const char *whom;
|
||||
gid_t egid;
|
||||
|
||||
(void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP);
|
||||
if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+")))
|
||||
@ -225,8 +226,13 @@ makemsg(char *fname)
|
||||
}
|
||||
(void)fprintf(fp, "%79s\r\n", " ");
|
||||
|
||||
if (fname && !(freopen(fname, "r", stdin)))
|
||||
err(1, "can't read %s", fname);
|
||||
if (fname) {
|
||||
egid = getegid();
|
||||
setegid(getgid());
|
||||
if (freopen(fname, "r", stdin) == NULL)
|
||||
err(1, "can't read %s", fname);
|
||||
setegid(egid);
|
||||
}
|
||||
while (fgets(lbuf, sizeof(lbuf), stdin))
|
||||
for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) {
|
||||
if (ch == '\r') {
|
||||
|
Loading…
Reference in New Issue
Block a user