diff options
| author |   florian <florian@openbsd.org> | 2016-10-20 18:34:17 +0000 |
|---|---|---|
| committer | florian <florian@openbsd.org> | 2016-10-20 18:34:17 +0000 |
| commit | fd3f103f8fd06c59ad4bfedb1e2003d0fdb332e3 (patch) | |
| tree | 3fcd1187d3b5cfe6bb34656ba555d7b4939c854e | |
| parent | Replace fork() and sleep() with a Python thread for sniffing packets. (diff) | |
| download | wireguard-openbsd-fd3f103f8fd06c59ad4bfedb1e2003d0fdb332e3.tar.xz wireguard-openbsd-fd3f103f8fd06c59ad4bfedb1e2003d0fdb332e3.zip | |
Only drop to _ping user if invoked as root. If invoked as an
unprivileged user just shed the setuid privs as previously.
sthen@ pointed out that you cannot kill(2) your own ping.
With this we rely on pledge(2) for unprivileged users.
OK sthen@, deraadt@ is happy with the middle ground
| -rw-r--r-- | sbin/ping/ping.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index 6f96a602420..6d8aaa4a81d 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ping.c,v 1.216 2016/09/28 06:39:12 florian Exp $ */ +/* $OpenBSD: ping.c,v 1.217 2016/10/20 18:34:17 florian Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -276,7 +276,7 @@ main(int argc, char *argv[]) /* revoke privs */ ouid = getuid(); - if ((pw = getpwnam(PING_USER)) != NULL) { + if (ouid == 0 && (pw = getpwnam(PING_USER)) != NULL) { uid = pw->pw_uid; gid = pw->pw_gid; } else { |