wall: access FILE under real user's credentials

While at it, move applet/config/kbuild bits into wall.c.
(This way, it's more visible that applet is suid'ed).

function                                             old     new   delta
wall_main                                             87     138     +51

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

4 files changed, 24 insertions, 11 deletions

diff --git a/include/applets.src.h b/include/applets.src.h
index aa319bbc9..3a47e15b9 100644
--- a/include/applets.src.h
+++ b/include/applets.src.h
@@ -407,8 +407,6 @@ IF_VCONFIG(APPLET(vconfig, BB_DIR_SBIN, BB_SUID_DROP))
 /* Needs to be run by root or be suid root - needs to change uid and gid: */
 IF_VLOCK(APPLET(vlock, BB_DIR_USR_BIN, BB_SUID_REQUIRE))
 IF_VOLNAME(APPLET(volname, BB_DIR_USR_BIN, BB_SUID_DROP))
-/* Needs to be run by root or be suid root - needs to write to /dev/TTY: */
-IF_WALL(APPLET(wall, BB_DIR_USR_BIN, BB_SUID_REQUIRE))
 IF_WATCH(APPLET(watch, BB_DIR_BIN, BB_SUID_DROP))
 IF_WATCHDOG(APPLET(watchdog, BB_DIR_SBIN, BB_SUID_DROP))
 IF_WC(APPLET(wc, BB_DIR_USR_BIN, BB_SUID_DROP))
diff --git a/miscutils/Config.src b/miscutils/Config.src
index b9fc196d8..117ec7739 100644
--- a/miscutils/Config.src
+++ b/miscutils/Config.src
@@ -591,13 +591,6 @@ config VOLNAME
         help
           Prints a CD-ROM volume name.
 
-config WALL
-        bool "wall"
-        default y
-        depends on FEATURE_UTMP
-        help
-          Write a message to all users that are logged in.
-
 config WATCHDOG
         bool "watchdog"
         default y
diff --git a/miscutils/Kbuild.src b/miscutils/Kbuild.src
index 8c498643b..f3954f407 100644
--- a/miscutils/Kbuild.src
+++ b/miscutils/Kbuild.src
@@ -46,5 +46,4 @@ lib-$(CONFIG_TIME)        += time.o
 lib-$(CONFIG_TIMEOUT)     += timeout.o
 lib-$(CONFIG_TTYSIZE)     += ttysize.o
 lib-$(CONFIG_VOLNAME)     += volname.o
-lib-$(CONFIG_WALL)        += wall.o
 lib-$(CONFIG_WATCHDOG)    += watchdog.o
diff --git a/miscutils/wall.c b/miscutils/wall.c
index 762f53b72..c74f4f27b 100644
--- a/miscutils/wall.c
+++ b/miscutils/wall.c
@@ -6,6 +6,18 @@
  * Licensed under GPLv2 or later, see file LICENSE in this source tree.
  */
 
+//config:config WALL
+//config:       bool "wall"
+//config:       default y
+//config:       depends on FEATURE_UTMP
+//config:       help
+//config:         Write a message to all users that are logged in.
+
+/* Needs to be run by root or be suid root - needs to write to /dev/TTY: */
+//applet:IF_WALL(APPLET(wall, BB_DIR_USR_BIN, BB_SUID_REQUIRE))
+
+//kbuild:lib-$(CONFIG_WALL) += wall.o
+
 //usage:#define wall_trivial_usage
 //usage:        "[FILE]"
 //usage:#define wall_full_usage "\n\n"
@@ -22,8 +34,19 @@ int wall_main(int argc UNUSED_PARAM, char **argv)
 {
         struct utmp *ut;
         char *msg;
-        int fd = argv[1] ? xopen(argv[1], O_RDONLY) : STDIN_FILENO;
+        int fd;
 
+        fd = STDIN_FILENO;
+        if (argv[1]) {
+                /* The applet is setuid.
+                 * Access to the file must be under user's uid/gid.
+                 */
+                setfsuid(getuid());
+                setfsgid(getgid());
+                fd = xopen(argv[1], O_RDONLY);
+                setfsuid(geteuid());
+                setfsgid(getegid());
+        }
         msg = xmalloc_read(fd, NULL);
         if (ENABLE_FEATURE_CLEAN_UP && argv[1])
                 close(fd);