SECURITY.

Avoid using setre[ug]id() calls.
Removed the setgid stuff we don't need.
Ruslan Ermilov 2001-09-06 11:54:28 +00:00
parent 53e1e93595
commit 6efca31685
2 changed files with 18 additions and 33 deletions


@ -20,7 +20,7 @@ CFLAGS+=-DHAVE_LIBZ=1
.endif
CFLAGS+= -I${.CURDIR}/../lib -DSTDC_HEADERS -DPOSIX -DHAS_TROFF
CFLAGS+= -DDO_COMPRESS -DALT_SYSTEMS -DSETREUID -DCATMODE=0644
CFLAGS+= -DDO_COMPRESS -DALT_SYSTEMS -DSETUID -DCATMODE=0644
CLEANFILES+= man.1
.PATH: ${.CURDIR}/../manpath


@ -142,11 +142,9 @@ static char args[] = "M:P:S:adfhkp:w?";
#endif
#endif
#ifdef SETREUID
#ifdef SETUID
uid_t ruid;
uid_t euid;
gid_t rgid;
gid_t egid;
#endif
int
@ -186,13 +184,10 @@ main (argc, argv)
gripe_no_name (tmp);
}
#ifdef SETREUID
#ifdef SETUID
ruid = getuid();
rgid = getgid();
euid = geteuid();
egid = getegid();
setreuid(-1, ruid);
setregid(-1, rgid);
seteuid(ruid);
#endif
while (optind < argc)
@ -1248,33 +1243,27 @@ make_cat_file (path, man_file, cat_file, manid)
fprintf (stderr, "\ntrying command: %s\n", command);
else {
#ifdef SETREUID
if (manid) {
setreuid(-1, ruid);
setregid(-1, rgid);
}
#ifdef SETUID
if (manid)
seteuid(ruid);
#endif
if ((pp = popen(command, "r")) == NULL) {
s = errno;
fprintf(stderr, "Failed.\n");
errno = s;
perror("popen");
#ifdef SETREUID
if (manid) {
setreuid(-1, euid);
setregid(-1, egid);
}
#ifdef SETUID
if (manid)
seteuid(euid);
#endif
unlink(temp);
restore_sigs();
fclose(fp);
return 0;
}
#ifdef SETREUID
if (manid) {
setreuid(-1, euid);
setregid(-1, egid);
}
#ifdef SETUID
if (manid)
seteuid(euid);
#endif
f = 0;
@ -1412,16 +1401,10 @@ format_and_display (path, man_file, cat_file)
else
{
#ifdef SETREUID
setreuid(-1, euid);
setregid(-1, egid);
#ifdef SETUID
seteuid(euid);
found = make_cat_file (path, man_file, cat_file, 1);
#else
found = make_cat_file (path, man_file, cat_file, 0);
#endif
#ifdef SETREUID
setreuid(-1, ruid);
setregid(-1, rgid);
seteuid(ruid);
if (!found)
{
@ -1432,6 +1415,8 @@ format_and_display (path, man_file, cat_file)
of reading private man pages is avoided. */
found = make_cat_file (path, man_file, cat_file, 0);
}
#else
found = make_cat_file (path, man_file, cat_file, 0);
#endif
#ifdef SECURE_MAN_UID
if (!found)
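Review bot: The new `seteuid()` calls discard their return value, so in make_cat_file a failed `if (manid) seteuid(ruid);` lets `popen(command, "r")` run the formatter with the privileged effective uid still in place (assuming the binary is installed set-user-ID, as the `ruid`/`euid` bookkeeping suggests). The same unchecked drop appears in main (`seteuid(ruid);` after the `geteuid()` call) and in format_and_display after the first make_cat_file call. In main the drop should be fatal, for example `if (seteuid(ruid) != 0) { perror("seteuid"); exit(1); }`. In make_cat_file the guard `if (manid && seteuid(ruid) != 0)` should take the same cleanup path as the popen failure branch (unlink the temp file, restore signals, close `fp`, return 0) rather than fall through. All three function bodies continue outside the hunks shown, so the surrounding cleanup state should be confirmed against the full file.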