NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid



Robert Elz via gnats <gnats-admin%NetBSD.org@localhost> wrote:

>  I think your fix is the wrong one, a better fix is to replace
>  the call to setuid(euid) with a call to setreuid(euid, euid)
>  and setgid(egid) with a call to setregid(egid, egid).

Hehe, yes, that would be a bit easier:

Index: whereis.c
===================================================================
RCS file: /cvsroot/src/usr.bin/whereis/whereis.c,v
retrieving revision 1.21
diff -u -p -r1.21 whereis.c
--- whereis.c	17 Oct 2008 10:53:26 -0000	1.21
+++ whereis.c	31 May 2025 16:00:27 -0000
@@ -69,9 +69,9 @@ main(int argc, char *argv[])
 	uid_t euid = geteuid();
 
 	/* To make access(2) do what we want */
-	if (setgid(egid) == -1)
+	if (setregid(egid, egid) == -1)
 		err(1, "Can't set gid to %lu", (unsigned long)egid);
-	if (setuid(euid) == -1)
+	if (setreuid(euid, euid) == -1)
 		err(1, "Can't set uid to %lu", (unsigned long)euid);
 
 	while ((ch = getopt(argc, argv, "ap")) != -1)




Home | Main Index | Thread Index | Old Index