Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid

To: gnats-bugs%netbsd.org@localhost
Subject: Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid
From: Jan Schaumann <jschauma%netmeister.org@localhost>
Date: Sat, 31 May 2025 12:02:16 -0400

Robert Elz via gnats <gnats-admin%NetBSD.org@localhost> wrote:

>  I think your fix is the wrong one, a better fix is to replace
>  the call to setuid(euid) with a call to setreuid(euid, euid)
>  and setgid(egid) with a call to setregid(egid, egid).

Hehe, yes, that would be a bit easier:

Index: whereis.c
===================================================================
RCS file: /cvsroot/src/usr.bin/whereis/whereis.c,v
retrieving revision 1.21
diff -u -p -r1.21 whereis.c
--- whereis.c	17 Oct 2008 10:53:26 -0000	1.21
+++ whereis.c	31 May 2025 16:00:27 -0000
@@ -69,9 +69,9 @@ main(int argc, char *argv[])
 	uid_t euid = geteuid();
 
 	/* To make access(2) do what we want */
-	if (setgid(egid) == -1)
+	if (setregid(egid, egid) == -1)
 		err(1, "Can't set gid to %lu", (unsigned long)egid);
-	if (setuid(euid) == -1)
+	if (setreuid(euid, euid) == -1)
 		err(1, "Can't set uid to %lu", (unsigned long)euid);
 
 	while ((ch = getopt(argc, argv, "ap")) != -1)

References:
- Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid
  - From: Robert Elz via gnats

Prev by Date: Re: port-macppc/59177: NetBSD/macppc -current fails to boot on qemu
Next by Date: Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid
Previous by Thread: Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid
Next by Thread: Re: bin/59449: which(1) / whereis(1) fails if the euid/egid != uid/gid
Indexes:

Home | Main Index | Thread Index | Old Index