From: Theodore Tso <tytso@mit.edu>
Date: Wed, 3 May 1995 02:57:02 +0000 (+0000)
Subject: Don't try to play uid swapping games if the effective uid is not zero
X-Git-Tag: krb5-1.0-beta5~56
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c89b63f703a026397e048c214e277cb50ba8cf17;p=krb5.git
Don't try to play uid swapping games if the effective uid is not zero
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5697 dc483132-0cff-0310-8789-dd5450dbe970
---
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index 476966c1e..255c3af2f 100644
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,6 +1,9 @@
Tue May 2 22:12:39 1995 Theodore Y. Ts'o (tytso@dcl)
- * kcmd.c (kcmd()): Bug fix to jik's bug fix. (Caused by our code
+ * krcp.c (main): Don't try to play uid swapping games if the
+ effective uid is not zero.
+
+ * kcmd.c (kcmd): Bug fix to jik's bug fix. (Caused by our code
drift since jik's changes went in, and not sufficiently
careful checking of jik's patches before applying it.)
diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c
index 7aa446530..ef0da9083 100644
--- a/src/appl/bsd/krcp.c
+++ b/src/appl/bsd/krcp.c
@@ -144,6 +144,7 @@ main(argc, argv)
#ifdef KERBEROS
krb5_flags authopts;
krb5_error_code status;
+ int euid;
char **orig_argv = save_argv(argc, argv);
sp = getservbyname("kshell", "tcp");
@@ -469,18 +470,25 @@ main(argc, argv)
if (encryptflag)
send_auth();
}
+ euid = geteuid();
#ifdef HAVE_SETREUID
- (void) setreuid(0, userid);
+ if (euid == 0)
+ (void) setreuid(0, userid);
sink(1, argv+argc-1);
- (void) setreuid(userid, 0);
+ if (euid == 0)
+ (void) setreuid(userid, 0);
#else
- (void) setuid(0);
- if(seteuid(userid)) {
- perror("rcp seteuid user"); errs++; exit(errs);
+ if (euid == 0) {
+ (void) setuid(0);
+ if(seteuid(userid)) {
+ perror("rcp seteuid user"); errs++; exit(errs);
+ }
}
sink(1, argv+argc-1);
- if(seteuid(0)) {
- perror("rcp seteuid 0"); errs++; exit(errs);
+ if (euid == 0) {
+ if(seteuid(0)) {
+ perror("rcp seteuid 0"); errs++; exit(errs);
+ }
}
#endif
#else