d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ping6: Revoke root privilege earlier

Browse Source 
It can be done just after the sockets have been created.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21213
This commit is contained in:
Alan Somers 2019-08-11 15:22:53 +00:00
parent 51f61fc0c7
commit 0ef7ac044a
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
sbin/ping6/ping6.c
View File

@ -659,6 +659,12 @@ main(int argc, char *argv[])
err(1, "socket srecv");
freeaddrinfo(res);
/* revoke root privilege */
if (seteuid(getuid()) != 0)
err(1, "seteuid() failed");
if (setuid(getuid()) != 0)
err(1, "setuid() failed");
/* set the source address if specified. */
if ((options & F_SRCADDR) != 0) {
/* properly fill sin6_scope_id */
@ -729,12 +735,6 @@ main(int argc, char *argv[])
#endif
}
/* revoke root privilege */
if (seteuid(getuid()) != 0)
err(1, "seteuid() failed");
if (setuid(getuid()) != 0)
err(1, "setuid() failed");
if ((options & F_FLOOD) && (options & F_INTERVAL))
errx(1, "-f and -i incompatible options");