[src/trunk]: src/crypto/dist/ssh Change the order of the set{e, }{u, g}id calls...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/295820ac4817
branches:  trunk
changeset: 573868:295820ac4817
user:      christos <christos%NetBSD.org@localhost>
date:      Sun Feb 13 05:54:27 2005 +0000

description:
Change the order of the set{e,}{u,g}id calls. NetBSD is stricter and needs
to keep the euid until the end. Add a bit of debugging.

diffstat:

 crypto/dist/ssh/uidswap.c |  14 +++++++++++---
 1 files changed, 11 insertions(+), 3 deletions(-)

diffs (37 lines):

diff -r 9027ae7453fa -r 295820ac4817 crypto/dist/ssh/uidswap.c
--- a/crypto/dist/ssh/uidswap.c Sun Feb 13 03:15:18 2005 +0000
+++ b/crypto/dist/ssh/uidswap.c Sun Feb 13 05:54:27 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: uidswap.c,v 1.2 2003/07/10 01:09:49 lukem Exp $        */
+/*     $NetBSD: uidswap.c,v 1.3 2005/02/13 05:54:27 christos Exp $     */
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
  * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -13,8 +13,8 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: uidswap.c,v 1.23 2002/07/15 17:15:31 stevesk Exp $");
-__RCSID("$NetBSD: uidswap.c,v 1.2 2003/07/10 01:09:49 lukem Exp $");
+RCSID("$OpenBSD: uidswap.c,v 1.24 2003/05/29 16:58:45 deraadt Exp $");
+__RCSID("$NetBSD: uidswap.c,v 1.3 2005/02/13 05:54:27 christos Exp $");
 
 #include "log.h"
 #include "uidswap.h"
@@ -117,8 +117,16 @@
                fatal("permanently_set_uid: temporarily_use_uid effective");
        debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
            (u_int)pw->pw_gid);
+       debug("debug: currently %u/%u %u/%u", (u_int)geteuid(), (u_int)getuid(),
+           (u_int)getegid(), (u_int)getgid());
        if (setgid(pw->pw_gid) < 0)
                fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
+       if (setegid(pw->pw_gid) < 0)
+               fatal("setegid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
        if (setuid(pw->pw_uid) < 0)
                fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
+       if (seteuid(pw->pw_uid) < 0)
+               fatal("seteuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
+       debug("debug: finally %u/%u %u/%u", (u_int)geteuid(), (u_int)getuid(),
+           (u_int)getegid(), (u_int)getgid());
 }