Date:      Thu, 5 May 2011 22:07:02 +0000 (UTC)
From:      Jilles Tjoelker <jilles@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r221515 - stable/8/bin/sh
Message-ID:  <201105052207.p45M72Lu018874@svn.freebsd.org>

Author: jilles
Date: Thu May  5 22:07:02 2011
New Revision: 221515
URL: http://svn.freebsd.org/changeset/base/221515

Log:
  MFC r221012: sh: Check setuid()/setgid() return values.
  
  If the -p option is turned off, privileges from a setuid or setgid binary
  are dropped. Make sure to check if this succeeds. If it fails, this is an
  error which will cause the shell to abort except in interactive mode or if
  'command' was used to make 'set' or an outer 'eval' or '.' non-special.
  
  Note that taking advantage of this feature and writing setuid shell scripts
  seems unwise.

Modified:
  stable/8/bin/sh/options.c
Directory Properties:
  stable/8/bin/sh/   (props changed)

Modified: stable/8/bin/sh/options.c
==============================================================================
--- stable/8/bin/sh/options.c	Thu May  5 22:04:59 2011	(r221514)
+++ stable/8/bin/sh/options.c	Thu May  5 22:07:02 2011	(r221515)
@@ -278,8 +278,10 @@ setoption(int flag, int val)
 	int i;
 
 	if (flag == 'p' && !val && privileged) {
-		(void) setuid(getuid());
-		(void) setgid(getgid());
+		if (setgid(getgid()) == -1)
+			error("setgid");
+		if (setuid(getuid()) == -1)
+			error("setuid");
 	}
 	for (i = 0; i < NOPTS; i++)
 		if (optlist[i].letter == flag) {
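
Review bot: The two new error("setgid") / error("setuid") calls report only the name of the call that failed, not the reason; if error() takes a format string here, passing strerror(errno) along would make a failed privilege drop diagnosable. The hunk also swaps the order so that setgid() now runs before setuid(), which is the usual order for dropping privileges (group first, while the process can still change it), but neither the log message nor the code mentions it; a one-line comment above the two calls would keep the order from being reverted later. Finally, the log says an interactive shell does not abort on this error, so after a failed setgid() or setuid() such a shell carries on with privileges only partly dropped; it is worth considering whether this particular failure should be fatal regardless of mode.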


