Instead of swapping ruid and euid before and after touching user's file,
simply drop the privilege right after the program is started. Thanks to bde for giving me good suggestion about this problem.
This commit is contained in:
parent
e254d33903
commit
b0c88e4d21
@ -104,6 +104,11 @@ char **argv;
|
|||||||
register int l; /* non-descript index */
|
register int l; /* non-descript index */
|
||||||
register char c; /* non-descript character storage */
|
register char c; /* non-descript character storage */
|
||||||
long t; /* time for random num generator */
|
long t; /* time for random num generator */
|
||||||
|
uid_t uid;
|
||||||
|
|
||||||
|
/*Drop the privilege.*/
|
||||||
|
uid = getuid();
|
||||||
|
setreuid (uid,uid);
|
||||||
|
|
||||||
/* initialization */
|
/* initialization */
|
||||||
bflag = 2; /* default no board */
|
bflag = 2; /* default no board */
|
||||||
|
@ -87,7 +87,6 @@ register int n;
|
|||||||
writec (*fs++);
|
writec (*fs++);
|
||||||
}
|
}
|
||||||
*fs = '\0';
|
*fs = '\0';
|
||||||
setreuid(geteuid(), getuid());
|
|
||||||
if ((fdesc = open(fname,2)) == -1 && errno == 2) {
|
if ((fdesc = open(fname,2)) == -1 && errno == 2) {
|
||||||
if ((fdesc = creat (fname,0700)) != -1)
|
if ((fdesc = creat (fname,0700)) != -1)
|
||||||
break;
|
break;
|
||||||
@ -130,7 +129,6 @@ register int n;
|
|||||||
write (fdesc,&gvalue,sizeof gvalue);
|
write (fdesc,&gvalue,sizeof gvalue);
|
||||||
write (fdesc,&raflag,sizeof raflag);
|
write (fdesc,&raflag,sizeof raflag);
|
||||||
close (fdesc);
|
close (fdesc);
|
||||||
setreuid(geteuid(), getuid());
|
|
||||||
if (tflag)
|
if (tflag)
|
||||||
curmove (18,0);
|
curmove (18,0);
|
||||||
writel (saved);
|
writel (saved);
|
||||||
@ -150,7 +148,6 @@ char *s;
|
|||||||
register int i;
|
register int i;
|
||||||
int fdesc;
|
int fdesc;
|
||||||
|
|
||||||
setreuid(geteuid(), getuid());
|
|
||||||
if ((fdesc = open (s,0)) == -1)
|
if ((fdesc = open (s,0)) == -1)
|
||||||
norec (s);
|
norec (s);
|
||||||
read (fdesc,board,sizeof board);
|
read (fdesc,board,sizeof board);
|
||||||
@ -165,7 +162,6 @@ char *s;
|
|||||||
read (fdesc,&gvalue,sizeof gvalue);
|
read (fdesc,&gvalue,sizeof gvalue);
|
||||||
read (fdesc,&raflag,sizeof raflag);
|
read (fdesc,&raflag,sizeof raflag);
|
||||||
close (fdesc);
|
close (fdesc);
|
||||||
setreuid(geteuid(), getuid());
|
|
||||||
rflag = 1;
|
rflag = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -42,6 +42,8 @@ static char sccsid[] = "@(#)teach.c 8.1 (Berkeley) 5/31/93";
|
|||||||
#endif /* not lint */
|
#endif /* not lint */
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <unistd.h>
|
||||||
#include "back.h"
|
#include "back.h"
|
||||||
|
|
||||||
char *hello[];
|
char *hello[];
|
||||||
@ -78,6 +80,11 @@ char **argv;
|
|||||||
|
|
||||||
{
|
{
|
||||||
register int i;
|
register int i;
|
||||||
|
uid_t uid;
|
||||||
|
|
||||||
|
/*Drop the privilege.*/
|
||||||
|
uid = getuid();
|
||||||
|
setreuid (uid,uid);
|
||||||
|
|
||||||
acnt = 1;
|
acnt = 1;
|
||||||
signal (2,getout);
|
signal (2,getout);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user