From: Theodore Tso <tytso@mit.edu>
Date: Thu, 2 Jun 1994 16:17:47 +0000 (+0000)
Subject: Fix security hole in krcp.c
X-Git-Tag: krb5-1.0-beta4~193
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=510e4a96cdee9e8dd8770de068dea815b520c4aa;p=krb5.git

Fix security hole in krcp.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3658 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c
index 361574927..f874ce064 100644
--- a/src/appl/bsd/krcp.c
+++ b/src/appl/bsd/krcp.c
@@ -442,7 +442,9 @@ main(argc, argv)
 		    if (encryptflag)
 		      send_auth();
 		}
+		(void) setreuid(0, userid);
 		sink(1, argv+argc-1);
+		(void) setreuid(userid, 0);
 #else
 		rem = rcmd(&host, port, pwd->pw_name, suser,
 			   buf, 0);