aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Landley <rob@landley.net>2006-07-16 08:06:34 +0000
committerRob Landley <rob@landley.net>2006-07-16 08:06:34 +0000
commitafb94ecf2bb6c53ce2a381d6ce45a426243c76d9 (patch)
tree0390f5cfb0cfd70882175f7e383a30d8cb1527cc
parent25c194fd1941a7ba67d68a09fa101bc54a756a14 (diff)
downloadbusybox-w32-afb94ecf2bb6c53ce2a381d6ce45a426243c76d9.tar.gz
busybox-w32-afb94ecf2bb6c53ce2a381d6ce45a426243c76d9.tar.bz2
busybox-w32-afb94ecf2bb6c53ce2a381d6ce45a426243c76d9.zip
Convert setuid/setgid users to xsetuid/xsetgid.
Diffstat
-rw-r--r--loginutils/passwd.c5
-rw-r--r--networking/arping.c3
-rw-r--r--networking/ether-wake.c2
-rw-r--r--networking/fakeidentd.c4
-rw-r--r--networking/inetd.c6
-rw-r--r--networking/traceroute.c8
6 files changed, 12 insertions, 16 deletions
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index 5b828dfee..7745444c0 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -227,10 +227,7 @@ int passwd_main(int argc, char **argv)
227 signal(SIGINT, SIG_IGN); 227 signal(SIGINT, SIG_IGN);
228 signal(SIGQUIT, SIG_IGN); 228 signal(SIGQUIT, SIG_IGN);
229 umask(077); 229 umask(077);
230 if (setuid(0)) { 230 xsetuid(0);
231 syslog(LOG_ERR, "can't setuid(0)");
232 bb_error_msg_and_die( "Cannot change ID to root.\n");
233 }
234 if (!update_passwd(pw, crypt_passwd)) { 231 if (!update_passwd(pw, crypt_passwd)) {
235 syslog(LOG_INFO, "password for `%s' changed by user `%s'", name, 232 syslog(LOG_INFO, "password for `%s' changed by user `%s'", name,
236 myname); 233 myname);
diff --git a/networking/arping.c b/networking/arping.c
index 6cb607612..5665ddb2b 100644
--- a/networking/arping.c
+++ b/networking/arping.c
@@ -262,7 +262,8 @@ int arping_main(int argc, char **argv)
262 s = socket(PF_PACKET, SOCK_DGRAM, 0); 262 s = socket(PF_PACKET, SOCK_DGRAM, 0);
263 ifindex = errno; 263 ifindex = errno;
264 264
265 setuid(getuid()); 265 // Drop suid root privileges
266 xsetuid(getuid());
266 267
267 { 268 {
268 unsigned long opt; 269 unsigned long opt;
diff --git a/networking/ether-wake.c b/networking/ether-wake.c
index b4fb0c2d1..1803d2265 100644
--- a/networking/ether-wake.c
+++ b/networking/ether-wake.c
@@ -145,7 +145,7 @@ int etherwake_main(int argc, char *argv[])
145 s = make_socket(); 145 s = make_socket();
146 146
147 /* now that we have a raw socket we can drop root */ 147 /* now that we have a raw socket we can drop root */
148 setuid(getuid()); 148 xsetuid(getuid());
149 149
150 /* look up the dest mac address */ 150 /* look up the dest mac address */
151 get_dest_addr(argv[optind], &eaddr); 151 get_dest_addr(argv[optind], &eaddr);
diff --git a/networking/fakeidentd.c b/networking/fakeidentd.c
index b5b70f516..9cdbc5725 100644
--- a/networking/fakeidentd.c
+++ b/networking/fakeidentd.c
@@ -159,8 +159,8 @@ static int godaemon(void)
159 159
160 close(0); 160 close(0);
161 inetbind(); 161 inetbind();
162 if (setgid(nogrp)) bb_error_msg_and_die("Could not setgid()"); 162 xsetgid(nogrp);
163 if (setuid(nobody)) bb_error_msg_and_die("Could not setuid()"); 163 xsetuid(nobody);
164 close(1); 164 close(1);
165 close(2); 165 close(2);
166 166
diff --git a/networking/inetd.c b/networking/inetd.c
index d50bbd39a..54294b635 100644
--- a/networking/inetd.c
+++ b/networking/inetd.c
@@ -1513,11 +1513,11 @@ inetd_main (int argc, char *argv[])
1513 if (sep->se_group) { 1513 if (sep->se_group) {
1514 pwd->pw_gid = grp->gr_gid; 1514 pwd->pw_gid = grp->gr_gid;
1515 } 1515 }
1516 setgid ((gid_t) pwd->pw_gid); 1516 xsetgid ((gid_t) pwd->pw_gid);
1517 initgroups (pwd->pw_name, pwd->pw_gid); 1517 initgroups (pwd->pw_name, pwd->pw_gid);
1518 setuid ((uid_t) pwd->pw_uid); 1518 xsetuid((uid_t) pwd->pw_uid);
1519 } else if (sep->se_group) { 1519 } else if (sep->se_group) {
1520 setgid (grp->gr_gid); 1520 xsetgid(grp->gr_gid);
1521 setgroups (1, &grp->gr_gid); 1521 setgroups (1, &grp->gr_gid);
1522 } 1522 }
1523 dup2 (ctrl, 0); 1523 dup2 (ctrl, 0);
diff --git a/networking/traceroute.c b/networking/traceroute.c
index 79f3957a6..c2084fc1e 100644
--- a/networking/traceroute.c
+++ b/networking/traceroute.c
@@ -941,7 +941,6 @@ traceroute_main(int argc, char *argv[])
941#endif 941#endif
942 u_short off = 0; 942 u_short off = 0;
943 struct IFADDRLIST *al; 943 struct IFADDRLIST *al;
944 int uid = getuid();
945 char *device = NULL; 944 char *device = NULL;
946 int max_ttl = 30; 945 int max_ttl = 30;
947 char *max_ttl_str = NULL; 946 char *max_ttl_str = NULL;
@@ -1010,8 +1009,7 @@ traceroute_main(int argc, char *argv[])
1010 * set the ip source address of the outbound 1009 * set the ip source address of the outbound
1011 * probe (e.g., on a multi-homed host). 1010 * probe (e.g., on a multi-homed host).
1012 */ 1011 */
1013 if (uid) 1012 if (getuid()) bb_error_msg_and_die("-s %s: Permission denied", source);
1014 bb_error_msg_and_die("-s %s: Permission denied", source);
1015 } 1013 }
1016 if(waittime_str) 1014 if(waittime_str)
1017 waittime = str2val(waittime_str, "wait time", 2, 24 * 60 * 60); 1015 waittime = str2val(waittime_str, "wait time", 2, 24 * 60 * 60);
@@ -1160,8 +1158,8 @@ traceroute_main(int argc, char *argv[])
1160 sizeof(on)); 1158 sizeof(on));
1161 1159
1162 /* Revert to non-privileged user after opening sockets */ 1160 /* Revert to non-privileged user after opening sockets */
1163 setgid(getgid()); 1161 xsetgid(getgid());
1164 setuid(uid); 1162 xsetuid(getuid());
1165 1163
1166 outip = (struct ip *)xcalloc(1, (unsigned)packlen); 1164 outip = (struct ip *)xcalloc(1, (unsigned)packlen);
1167 1165
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 19:26:07 +0000