Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: src/usr.bin/calendar



Module Name:    src
Committed By:   dholland
Date:           Wed Jul  1 06:45:51 UTC 2015

Modified Files:
        src/usr.bin/calendar: calendar.c

Log Message:
Correct privilege handling problems in calendar -a (which runs as root
from /etc/daily); do not exec other programs while the real uid is
still 0.

Also, clear the supplementary groups list up front and call initgroups
when becoming another user, to avoid leaking any extra group
privileges that we might have.

And finally, don't silently ignore errors changing uid and gid; those
are serious if they happen.


To generate a diff of this commit:
cvs rdiff -u -r1.50 -r1.51 src/usr.bin/calendar/calendar.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index