diff options
author | Andrey A. Chernov <ache@FreeBSD.org> | 1999-04-24 17:01:58 +0000 |
---|---|---|
committer | Andrey A. Chernov <ache@FreeBSD.org> | 1999-04-24 17:01:58 +0000 |
commit | 23bd0535f2a4c1caf758c194ea275546b253e57f (patch) | |
tree | 10194536866843c19a79a6cdf288a4f94cef7e93 /libutil | |
parent | 6bbf8e8bb56f7764c4818c942709f9cc3dc71d50 (diff) | |
download | pw-darwin-23bd0535f2a4c1caf758c194ea275546b253e57f.tar.gz pw-darwin-23bd0535f2a4c1caf758c194ea275546b253e57f.tar.zst pw-darwin-23bd0535f2a4c1caf758c194ea275546b253e57f.zip |
Switch to user UID/GID before checking/reading its ~/.login_conf
- some NFSes have root read access disabled
Diffstat (limited to 'libutil')
-rw-r--r-- | libutil/login_cap.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/libutil/login_cap.c b/libutil/login_cap.c index 0369907..8fee8dd 100644 --- a/libutil/login_cap.c +++ b/libutil/login_cap.c @@ -25,7 +25,7 @@ * * Low-level routines relating to the user capabilities database * - * $Id: login_cap.c,v 1.13 1997/05/11 08:07:29 davidn Exp $ + * $Id: login_cap.c,v 1.14 1997/06/13 22:26:41 davidn Exp $ */ #include <stdio.h> @@ -184,12 +184,21 @@ login_getclassbyname(char const *name, const struct passwd *pwd) if ((lc = malloc(sizeof(login_cap_t))) != NULL) { int r, i = 0; + uid_t euid; + gid_t egid; const char *msg = NULL; const char *dir = (pwd == NULL) ? NULL : pwd->pw_dir; char userpath[MAXPATHLEN]; static char *login_dbarray[] = { NULL, NULL, NULL }; + /* Switch to user mode before checking/reading its ~/.login_conf */ + /* - some NFSes have root read access disabled. */ + euid = geteuid(); + egid = getegid(); + (void)setegid(pwd->pw_gid); + (void)seteuid(pwd->pw_uid); + if (dir && snprintf(userpath, MAXPATHLEN, "%s/%s", dir, _FILE_LOGIN_CONF) < MAXPATHLEN) { login_dbarray[i] = userpath; @@ -229,6 +238,8 @@ login_getclassbyname(char const *name, const struct passwd *pwd) /* Fallthru - just return system defaults */ case 0: /* success! */ if ((lc->lc_class = strdup(name)) != NULL) { + (void)seteuid(euid); + (void)setegid(egid); ++lc_object_count; return lc; } @@ -247,6 +258,8 @@ login_getclassbyname(char const *name, const struct passwd *pwd) msg = "%s: unexpected cgetent() error '%s': %m"; break; } + (void)seteuid(euid); + (void)setegid(egid); if (msg != NULL) syslog(LOG_ERR, msg, "login_getclass", name); free(lc); |