Last parts of the Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
* src/chage.c: Make chage -l also drop the saved GID. * src/chage.c: Prefer setregid/setreuid to setgid/setuid.
This commit is contained in:
parent
24cfb1c158
commit
8e568ef697
@ -1,9 +1,12 @@
|
||||
2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
Fixes from Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
|
||||
* src/chage.c: Remove cleanup(). pw_lock is never called. Replace
|
||||
cleanup(2) by spw_unlock and remove the calls to cleanup(1).
|
||||
* src/chage.c: Remove variable pwrw. It is always set to 0. The
|
||||
password database is always read only.
|
||||
* src/chage.c: Make chage -l also drop the saved GID.
|
||||
* src/chage.c: Prefer setregid/setreuid to setgid/setuid.
|
||||
|
||||
2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
|
@ -322,6 +322,7 @@ int main (int argc, char **argv)
|
||||
const struct spwd *sp;
|
||||
struct spwd spwd;
|
||||
uid_t ruid;
|
||||
gid_t rgid;
|
||||
int amroot;
|
||||
const struct passwd *pw;
|
||||
struct passwd pwent;
|
||||
@ -342,6 +343,7 @@ int main (int argc, char **argv)
|
||||
textdomain (PACKAGE);
|
||||
|
||||
ruid = getuid ();
|
||||
rgid = getgid ();
|
||||
amroot = (ruid == 0);
|
||||
#ifdef WITH_SELINUX
|
||||
if (amroot && is_selinux_enabled () > 0)
|
||||
@ -547,7 +549,7 @@ int main (int argc, char **argv)
|
||||
exit (E_NOPERM);
|
||||
}
|
||||
|
||||
if (lflg && (setgid (getgid ()) || setuid (ruid))) {
|
||||
if (lflg && (setregid (rgid, rgid) || setreuid (ruid, ruid))) {
|
||||
fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
|
||||
Prog, strerror (errno));
|
||||
#ifdef WITH_AUDIT
|
||||
|
Loading…
Reference in New Issue
Block a user