Module Name:    src
Committed By:   christos
Date:           Fri Mar  2 19:26:40 UTC 2012

Modified Files:
        src/external/bsd/cron/dist: crontab.c

Log Message:
PR/46127: Holger Weiss: "crontab <file>" fails for unprivileged users
XXX: Pullup to 6


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/external/bsd/cron/dist/crontab.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/cron/dist/crontab.c
diff -u src/external/bsd/cron/dist/crontab.c:1.3 src/external/bsd/cron/dist/crontab.c:1.4
--- src/external/bsd/cron/dist/crontab.c:1.3	Tue May 18 17:47:43 2010
+++ src/external/bsd/cron/dist/crontab.c	Fri Mar  2 14:26:40 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $	*/
+/*	$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $	*/
 
 /* Copyright 1988,1990,1993,1994 by Paul Vixie
  * All rights reserved
@@ -25,7 +25,7 @@
 #if 0
 static char rcsid[] = "Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp";
 #else
-__RCSID("$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
+__RCSID("$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
 #endif
 #endif
 
@@ -66,7 +66,8 @@ static	void		list_cmd(void),
 static	int		replace_cmd(void);
 static  int		allowed(const char *, const char *, const char *);
 static  int		in_file(const char *, FILE *, int);
-static  int 		swap_uids(void);
+static  int 		relinguish_priv(void);
+static  int 		regain_priv(void);
 
 static void
 usage(const char *msg) {
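Review bot: The new helper is declared as `relinguish_priv`, which misspells "relinquish"; the name is introduced by this commit, so it is cheapest to correct now: `static  int 		relinquish_priv(void);`. The same spelling would have to change at the call in parse_args and at both definitions, under HAVE_SAVED_UIDS and in its #else branch.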
@@ -80,6 +81,9 @@ usage(const char *msg) {
 	exit(ERROR_EXIT);
 }
 
+static uid_t euid, ruid;
+static gid_t egid, rgid;
+
 int
 main(int argc, char *argv[]) {
 	int exitstatus;
@@ -88,6 +92,14 @@ main(int argc, char *argv[]) {
 	Pid = getpid();
 	(void)setlocale(LC_ALL, "");
 
+	euid = geteuid();
+	egid = getegid();
+	ruid = getuid();
+	rgid = getgid();
+
+	if (euid == ruid || euid)
+		err(ERROR_EXIT, "Not installed setuid root");
+
 	(void)setvbuf(stderr, NULL, _IOLBF, 0);
 	parse_args(argc, argv);		/* sets many globals, opens a file */
 	set_cron_cwd();
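Review bot: The check `if (euid == ruid || euid)` also fires when root itself runs crontab, because euid and ruid are then both 0, so the superuser is refused with "Not installed setuid root", which is presumably not intended. Testing only the effective uid rejects the non-setuid case without that side effect: `if (euid != 0)`. The call should be `errx(ERROR_EXIT, "Not installed setuid root");` rather than `err`, since no system call has failed at this point and `err` appends whatever strerror(errno) happens to hold. main's body continues outside the hunk.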
@@ -211,13 +223,13 @@ parse_args(int argc, char *argv[]) {
 			 * the race.
 			 */
 
-			if (swap_uids() < OK) {
+			if (relinguish_priv() < OK) {
 				err(ERROR_EXIT, "swapping uids");
 			}
 			if (!(NewCrontab = fopen(Filename, "r"))) {
 				err(ERROR_EXIT, "cannot open `%s'", Filename);
 			}
-			if (swap_uids() < OK) {
+			if (regain_priv() < OK) {
 				err(ERROR_EXIT, "swapping uids back");
 			}
 		}
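Review bot: The two error strings still read "swapping uids" and "swapping uids back", although the renamed calls no longer swap anything; they drop to, and then restore, the ids cached in main. A failure of either call is a privilege-handling failure worth recognising in logs, so the message should say which direction failed, for example `err(ERROR_EXIT, "cannot drop privileges")` and `err(ERROR_EXIT, "cannot regain privileges")`. The enclosing block of parse_args starts and ends outside the hunk.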
@@ -587,7 +599,7 @@ replace_cmd(void) {
 	 */
 	(void)fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n");
 	(void)fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now));
-	(void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
+	(void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
 
 	/* copy the crontab to the tmp
 	 */
@@ -772,25 +784,21 @@ in_file(const char *string, FILE *file, 
 
 #ifdef HAVE_SAVED_UIDS
 
-static int swap_uids(void) {
-	return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
+static int relinguish_priv(void) {
+	return (setegid(rgid) || seteuid(ruid)) ? -1 : 0;
 }
-#if 0
-static int swap_uids_back(void) {
-	return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
+
+static int regain_priv(void) {
+	return (setegid(egid) || seteuid(euid)) ? -1 : 0;
 }
-#endif
 
 #else /*HAVE_SAVED_UIDS*/
 
-static int swap_uids(void) {
-	return ((setregid(getegid(), getgid()) || setreuid(geteuid(), getuid()))
-	    ? -1 : 0);
+static int relinguish_priv(void) {
+	return (setregid(egid, rgid) || setreuid(euid, ruid)) ? -1 : 0;
 }
 
-#if 0
-static int swap_uids_back(void) {
-	return (swap_uids());
+static int regain_priv(void) {
+	return (setregid(rgid, egid) || setreuid(ruid, euid)) ? -1 : 0;
 }
-#endif
 #endif /*HAVE_SAVED_UIDS*/
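Review bot: Under HAVE_SAVED_UIDS, regain_priv calls `setegid(egid)` before `seteuid(euid)`, so the group change runs while the effective uid is still the invoking user's; as far as the visible code shows, that succeeds only because egid is also the saved set-group-ID. Restoring in the reverse order of the drop does not depend on that: `return (seteuid(euid) || setegid(egid)) ? -1 : 0;`. Both pairs of helpers also lack a comment stating that they rely on euid, egid, ruid and rgid having been cached in main before any id change. The comment should add that the drop is temporary: the privileged id stays recoverable (as the saved id, or as the real id in the #else branch), so nothing untrusted should run between the two calls.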
