+Tue Jan 6 17:11:28 1998 Tom Yu <tlyu@mit.edu>
+
+ * in_tkt.c: Conditionalize use of macro do_seteuid, rather than
+ redefining setreuid. [krb5-libs/521]
+
Sat Dec 6 22:17:28 1997 Ezra Peisach <epeisach@mit.edu>
* dest_tkt.c: Add <string.h> for memset prototype.
#ifdef TKT_SHMEM
#include <sys/param.h>
#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
extern int krb_debug;
* success, or KFAILURE if something goes wrong.
*/
-#ifndef HAVE_SETREUID
+#ifdef HAVE_SETEUID
+#define do_seteuid(e) seteuid((e))
+#else
#ifdef HAVE_SETRESUID
-/* for hpux */
-#define setreuid(r,e) setresuid(r,e,-1)
+#define do_seteuid(e) setresuid(getuid(), (e), geteuid())
#else
-/* for svr4 */
-#define setreuid(r,e) setuid(r)
+#ifdef HAVE_SETREUID
+#define do_seteuid(e) setreuid(geteuid(), (e))
+#else
+#define do_seteuid(e) (errno = EPERM, -1)
+#endif
#endif
#endif
This isn't a security problem, since the ticket file, if it already
exists, has the right uid (== ruid) and mode. */
if (me != metoo) {
- if (setreuid(metoo, me) < 0) {
+ if (do_seteuid(me) < 0) {
/* can't switch??? barf! */
if (krb_debug)
- perror("in_tkt: setreuid");
+ perror("in_tkt: seteuid");
return(KFAILURE);
} else
if (krb_debug)
}
umask(mask);
if (me != metoo) {
- if (setreuid(me, metoo) < 0) {
+ if (do_seteuid(metoo) < 0) {
/* can't switch??? barf! */
if (krb_debug)
- perror("in_tkt: setreuid2");
+ perror("in_tkt: seteuid2");
return(KFAILURE);
} else
if (krb_debug)
projects / krb5.git / commitdiff