Date: Sat, 23 Apr 2011 14:19:26 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r220971 - head/usr.bin/finger Message-ID: <201104231419.p3NEJQp0092697@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: simon Date: Sat Apr 23 14:19:26 2011 New Revision: 220971 URL: http://svn.freebsd.org/changeset/base/220971 Log: Check return code of setuid() and setgid() in finger. While they will not fail in normal circumstances, better safe than sorry. MFC after: 1 week Modified: head/usr.bin/finger/finger.c Modified: head/usr.bin/finger/finger.c ============================================================================== --- head/usr.bin/finger/finger.c Sat Apr 23 13:57:12 2011 (r220970) +++ head/usr.bin/finger/finger.c Sat Apr 23 14:19:26 2011 (r220971) @@ -164,11 +164,15 @@ main(int argc, char **argv) if (getuid() == 0 || geteuid() == 0) { invoker_root = 1; if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) { - setgid(pw->pw_gid); - setuid(pw->pw_uid); + if (setgid(pw->pw_gid) != 0) + err(1, "setgid()"); + if (setuid(pw->pw_uid) != 0) + err(1, "setuid()"); } else { - setgid(UNPRIV_UGID); - setuid(UNPRIV_UGID); + if (setgid(UNPRIV_UGID) != 0) + err(1, "setgid()"); + if (setuid(UNPRIV_UGID) != 0) + err(1, "setuid()"); } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201104231419.p3NEJQp0092697>