From owner-svn-src-head@FreeBSD.ORG Mon Apr 25 10:14:30 2011 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 094EA106564A; Mon, 25 Apr 2011 10:14:30 +0000 (UTC) (envelope-from jilles@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id EBC4C8FC08; Mon, 25 Apr 2011 10:14:29 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p3PAEThV070988; Mon, 25 Apr 2011 10:14:29 GMT (envelope-from jilles@svn.freebsd.org) Received: (from jilles@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p3PAETAM070986; Mon, 25 Apr 2011 10:14:29 GMT (envelope-from jilles@svn.freebsd.org) Message-Id: <201104251014.p3PAETAM070986@svn.freebsd.org> From: Jilles Tjoelker Date: Mon, 25 Apr 2011 10:14:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r221012 - head/bin/sh X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Apr 2011 10:14:30 -0000 Author: jilles Date: Mon Apr 25 10:14:29 2011 New Revision: 221012 URL: http://svn.freebsd.org/changeset/base/221012 Log: sh: Check setuid()/setgid() return values. If the -p option is turned off, privileges from a setuid or setgid binary are dropped. Make sure to check if this succeeds. If it fails, this is an error which will cause the shell to abort except in interactive mode or if 'command' was used to make 'set' or an outer 'eval' or '.' non-special. Note that taking advantage of this feature and writing setuid shell scripts seems unwise. MFC after: 1 week Modified: head/bin/sh/options.c Modified: head/bin/sh/options.c ============================================================================== --- head/bin/sh/options.c Mon Apr 25 10:08:34 2011 (r221011) +++ head/bin/sh/options.c Mon Apr 25 10:14:29 2011 (r221012) @@ -280,8 +280,10 @@ setoption(int flag, int val) int i; if (flag == 'p' && !val && privileged) { - (void) setuid(getuid()); - (void) setgid(getgid()); + if (setgid(getgid()) == -1) + error("setgid"); + if (setuid(getuid()) == -1) + error("setuid"); } for (i = 0; i < NOPTS; i++) if (optlist[i].letter == flag) {