Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/bsd/cron/dist PR/46127: Holger Weiss: "crontab <fil...
details: https://anonhg.NetBSD.org/src/rev/94b8a186e637
branches: trunk
changeset: 777744:94b8a186e637
user: christos <christos%NetBSD.org@localhost>
date: Fri Mar 02 19:26:40 2012 +0000
description:
PR/46127: Holger Weiss: "crontab <file>" fails for unprivileged users
XXX: Pullup to 6
diffstat:
external/bsd/cron/dist/crontab.c | 46 +++++++++++++++++++++++----------------
1 files changed, 27 insertions(+), 19 deletions(-)
diffs (113 lines):
diff -r 871eb6cf353e -r 94b8a186e637 external/bsd/cron/dist/crontab.c
--- a/external/bsd/cron/dist/crontab.c Fri Mar 02 18:57:27 2012 +0000
+++ b/external/bsd/cron/dist/crontab.c Fri Mar 02 19:26:40 2012 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $ */
+/* $NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* All rights reserved
@@ -25,7 +25,7 @@
#if 0
static char rcsid[] = "Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp";
#else
-__RCSID("$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
+__RCSID("$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
#endif
#endif
@@ -66,7 +66,8 @@
static int replace_cmd(void);
static int allowed(const char *, const char *, const char *);
static int in_file(const char *, FILE *, int);
-static int swap_uids(void);
+static int relinguish_priv(void);
+static int regain_priv(void);
static void
usage(const char *msg) {
@@ -80,6 +81,9 @@
exit(ERROR_EXIT);
}
+static uid_t euid, ruid;
+static gid_t egid, rgid;
+
int
main(int argc, char *argv[]) {
int exitstatus;
@@ -88,6 +92,14 @@
Pid = getpid();
(void)setlocale(LC_ALL, "");
+ euid = geteuid();
+ egid = getegid();
+ ruid = getuid();
+ rgid = getgid();
+
+ if (euid == ruid || euid)
+ err(ERROR_EXIT, "Not installed setuid root");
+
(void)setvbuf(stderr, NULL, _IOLBF, 0);
parse_args(argc, argv); /* sets many globals, opens a file */
set_cron_cwd();
@@ -211,13 +223,13 @@
* the race.
*/
- if (swap_uids() < OK) {
+ if (relinguish_priv() < OK) {
err(ERROR_EXIT, "swapping uids");
}
if (!(NewCrontab = fopen(Filename, "r"))) {
err(ERROR_EXIT, "cannot open `%s'", Filename);
}
- if (swap_uids() < OK) {
+ if (regain_priv() < OK) {
err(ERROR_EXIT, "swapping uids back");
}
}
@@ -587,7 +599,7 @@
*/
(void)fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n");
(void)fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now));
- (void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
+ (void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
/* copy the crontab to the tmp
*/
@@ -772,25 +784,21 @@
#ifdef HAVE_SAVED_UIDS
-static int swap_uids(void) {
- return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
+static int relinguish_priv(void) {
+ return (setegid(rgid) || seteuid(ruid)) ? -1 : 0;
}
-#if 0
-static int swap_uids_back(void) {
- return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
+
+static int regain_priv(void) {
+ return (setegid(egid) || seteuid(euid)) ? -1 : 0;
}
-#endif
#else /*HAVE_SAVED_UIDS*/
-static int swap_uids(void) {
- return ((setregid(getegid(), getgid()) || setreuid(geteuid(), getuid()))
- ? -1 : 0);
+static int relinguish_priv(void) {
+ return (setregid(egid, rgid) || setreuid(euid, ruid)) ? -1 : 0;
}
-#if 0
-static int swap_uids_back(void) {
- return (swap_uids());
+static int regain_priv(void) {
+ return (setregid(rgid, egid) || setreuid(ruid, euid)) ? -1 : 0;
}
-#endif
#endif /*HAVE_SAVED_UIDS*/
Home |
Main Index |
Thread Index |
Old Index