[src/netbsd-1-5]: src/lib/libc/net Pullup 1.15 [lukem]:

[tv <tv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/3fb2a9b5c534
branches:  netbsd-1-5
changeset: 490085:3fb2a9b5c534
user:      tv <tv%NetBSD.org@localhost>
date:      Wed Nov 01 22:45:45 2000 +0000

description:
Pullup 1.15 [lukem]:
Don't getenv $HESIOD_CONFIG or $HES_DOMAIN if issetugid().
Initial problem noted by Danny Braniss <danny%cs.huji.ac.il@localhost>
via Jacques A.  Vidrine <n%nectar.com@localhost>

diffstat:

 lib/libc/net/hesiod.c |  21 ++++++++++++++++-----
 1 files changed, 16 insertions(+), 5 deletions(-)

diffs (55 lines):

diff -r 0df6c6b5a737 -r 3fb2a9b5c534 lib/libc/net/hesiod.c
--- a/lib/libc/net/hesiod.c     Wed Nov 01 22:32:50 2000 +0000
+++ b/lib/libc/net/hesiod.c     Wed Nov 01 22:45:45 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: hesiod.c,v 1.13 2000/06/18 04:07:03 ghudson Exp $      */
+/*     $NetBSD: hesiod.c,v 1.13.2.1 2000/11/01 22:45:45 tv Exp $       */
 
 /* Copyright (c) 1996 by Internet Software Consortium.
  *
@@ -52,7 +52,7 @@
     "#Id: hesiod_p.h,v 1.1 1996/12/08 21:39:37 ghudson Exp #");
 __IDSTRING(rcsid_hescompat_c,
     "#Id: hescompat.c,v 1.1.2.1 1996/12/16 08:37:45 ghudson Exp #");
-__RCSID("$NetBSD: hesiod.c,v 1.13 2000/06/18 04:07:03 ghudson Exp $");
+__RCSID("$NetBSD: hesiod.c,v 1.13.2.1 2000/11/01 22:45:45 tv Exp $");
 #endif /* LIBC_SCCS and not lint */
 
 #include "namespace.h"
@@ -70,6 +70,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 
 #ifdef __weak_alias
 __weak_alias(hesiod_init,_hesiod_init)
@@ -115,15 +116,25 @@
        ctx = malloc(sizeof(struct hesiod_p));
        if (ctx) {
                *context = ctx;
-               configname = getenv("HESIOD_CONFIG");
+                       /*
+                        * don't permit overrides from environment
+                        * for set.id programs
+                        */
+               if (issetugid())
+                       configname = NULL;
+               else
+                       configname = getenv("HESIOD_CONFIG");
                if (!configname)
                        configname = _PATH_HESIOD_CONF;
                if (read_config_file(ctx, configname) >= 0) {
                        /*
                         * The default rhs can be overridden by an
-                        * environment variable.
+                        * environment variable, unless set.id.
                         */
-                       p = getenv("HES_DOMAIN");
+                       if (issetugid())
+                               p = NULL;
+                       else
+                               p = getenv("HES_DOMAIN");
                        if (p) {
                                if (ctx->rhs)
                                        free(ctx->rhs);