diff options
| author |   deraadt <deraadt@openbsd.org> | 2016-04-25 15:43:34 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2016-04-25 15:43:34 +0000 |
| commit | 22e57725e6395c673be0caa99a4d1d7c29f68b96 (patch) | |
| tree | 802d510eb6e1f0d2607aa3d72134dec7b605acfa | |
| parent | We attach acpihpet(4) and acpiec(4) without using the HID, so do not (diff) | |
| download | wireguard-openbsd-22e57725e6395c673be0caa99a4d1d7c29f68b96.tar.xz wireguard-openbsd-22e57725e6395c673be0caa99a4d1d7c29f68b96.zip | |
prefer setres{u,g}id() rather than manipulating both real and effective
ids, it clarifies these are full revocation situations.
ok millert
| -rw-r--r-- | libexec/ftpd/ftpd.c | 6 | ||||
| -rw-r--r-- | libexec/ftpd/monitor.c | 14 | ||||
| -rw-r--r-- | libexec/rpc.rusersd/rusersd.c | 8 | ||||
| -rw-r--r-- | libexec/rpc.rwalld/rwalld.c | 8 |
4 files changed, 14 insertions, 22 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 7edd3a5c754..b0aad51358f 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ftpd.c,v 1.214 2016/04/06 07:14:17 semarie Exp $ */ +/* $OpenBSD: ftpd.c,v 1.215 2016/04/25 15:43:34 deraadt Exp $ */ /* $NetBSD: ftpd.c,v 1.15 1995/06/03 22:46:47 mycroft Exp $ */ /* @@ -1077,11 +1077,11 @@ pass(char *passwd) } else lreply(230, "No directory! Logging in with home=/"); } - if (setegid(pw->pw_gid) < 0 || setgid(pw->pw_gid) < 0) { + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) { reply(550, "Can't set gid."); goto bad; } - if (seteuid(pw->pw_uid) < 0 || setuid(pw->pw_uid) < 0) { + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) { reply(550, "Can't set uid."); goto bad; } diff --git a/libexec/ftpd/monitor.c b/libexec/ftpd/monitor.c index 2ce6a6e24f3..04b1e3ff4ec 100644 --- a/libexec/ftpd/monitor.c +++ b/libexec/ftpd/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.23 2015/11/16 17:31:14 tedu Exp $ */ +/* $OpenBSD: monitor.c,v 1.24 2016/04/25 15:43:34 deraadt Exp $ */ /* * Copyright (c) 2004 Moritz Jodeit <moritz@openbsd.org> @@ -182,14 +182,10 @@ monitor_init(void) if (setgroups(1, &pw->pw_gid) == -1) fatalx("setgroups: %m"); - if (setegid(pw->pw_gid) == -1) - fatalx("setegid failed"); - if (setgid(pw->pw_gid) == -1) - fatalx("setgid failed"); - if (seteuid(pw->pw_uid) == -1) - fatalx("seteuid failed"); - if (setuid(pw->pw_uid) == -1) - fatalx("setuid failed"); + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) + fatalx("setresgid failed"); + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + fatalx("setresuid failed"); endpwent(); close(fd_slave); diff --git a/libexec/rpc.rusersd/rusersd.c b/libexec/rpc.rusersd/rusersd.c index 00c52731c7c..47b67caa53b 100644 --- a/libexec/rpc.rusersd/rusersd.c +++ b/libexec/rpc.rusersd/rusersd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rusersd.c,v 1.17 2015/12/01 20:23:46 tim Exp $ */ +/* $OpenBSD: rusersd.c,v 1.18 2016/04/25 15:43:34 deraadt Exp $ */ /*- * Copyright (c) 1993 John Brezak @@ -87,10 +87,8 @@ main(int argc, char *argv[]) if (pw) { setgroups(1, &pw->pw_gid); - setegid(pw->pw_gid); - setgid(pw->pw_gid); - seteuid(pw->pw_uid); - setuid(pw->pw_uid); + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid); + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid); } /* diff --git a/libexec/rpc.rwalld/rwalld.c b/libexec/rpc.rwalld/rwalld.c index 0c799733f2f..d049aaa18fb 100644 --- a/libexec/rpc.rwalld/rwalld.c +++ b/libexec/rpc.rwalld/rwalld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rwalld.c,v 1.14 2009/10/27 23:59:31 deraadt Exp $ */ +/* $OpenBSD: rwalld.c,v 1.15 2016/04/25 15:43:34 deraadt Exp $ */ /* * Copyright (c) 1993 Christopher G. Demetriou @@ -75,10 +75,8 @@ main(int argc, char *argv[]) } setgroups(1, &pw->pw_gid); - setegid(pw->pw_gid); - setgid(pw->pw_gid); - seteuid(pw->pw_uid); - setuid(pw->pw_uid); + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid); + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid); /* * See if inetd started us |