From owner-p4-projects@FreeBSD.ORG Tue May 13 05:41:12 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 98CF237B404; Tue, 13 May 2003 05:41:11 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49F2F37B401 for ; Tue, 13 May 2003 05:41:11 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id CB0BB43F85 for ; Tue, 13 May 2003 05:41:10 -0700 (PDT) (envelope-from des@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h4DCfA0U006648 for ; Tue, 13 May 2003 05:41:10 -0700 (PDT) (envelope-from des@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h4DCfAlU006645 for perforce@freebsd.org; Tue, 13 May 2003 05:41:10 -0700 (PDT) Date: Tue, 13 May 2003 05:41:10 -0700 (PDT) Message-Id: <200305131241.h4DCfAlU006645@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to des@freebsd.org using -f From: Dag-Erling Smorgrav To: Perforce Change Reviews Subject: PERFORCE change 31067 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 12:41:12 -0000 http://perforce.freebsd.org/chv.cgi?CH=31067 Change 31067 by des@des.at.des.thinksec.com on 2003/05/13 05:40:18 Support su'ing to another user with arguments. Drop privs in the child rather than in the parent so that pam_close_session(3) will be called with privs. Simplify some of the error handling. Based on patches received from Mike Petullo . Affected files ... .. //depot/projects/openpam/bin/su/su.c#9 edit Differences ... ==== //depot/projects/openpam/bin/su/su.c#9 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/bin/su/su.c#8 $ + * $P4: //depot/projects/openpam/bin/su/su.c#9 $ */ #include @@ -81,9 +81,17 @@ argc -= optind; argv += optind; + if (argc > 0) { + user = *argv; + --argc; + ++argv; + } else { + user = "root"; + } + /* initialize PAM */ pamc.conv = &openpam_ttyconv; - pam_start("su", argc ? *argv : "root", &pamc, &pamh); + pam_start("su", user, &pamc, &pamh); /* set some items */ gethostname(hostname, sizeof(hostname)); @@ -117,20 +125,6 @@ if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL) goto pamerr; - /* set uid and groups */ - if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { - warn("initgroups()"); - goto err; - } - if (setgid(pwd->pw_gid) == -1) { - warn("setgid()"); - goto err; - } - if (setuid(pwd->pw_uid) == -1) { - warn("setuid()"); - goto err; - } - /* export PAM environment */ if ((pam_envlist = pam_getenvlist(pamh)) != NULL) { for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) { @@ -154,7 +148,21 @@ warn("fork()"); goto err; case 0: - /* child: start a shell */ + /* child: give up privs and start a shell */ + + /* set uid and groups */ + if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { + warn("initgroups()"); + _exit(1); + } + if (setgid(pwd->pw_gid) == -1) { + warn("setgid()"); + _exit(1); + } + if (setuid(pwd->pw_uid) == -1) { + warn("setuid()"); + _exit(1); + } execve(*args, args, environ); warn("execve()"); _exit(1); @@ -170,9 +178,7 @@ } pamerr: - pam_end(pamh, pam_err); fprintf(stderr, "Sorry\n"); - exit(1); err: pam_end(pamh, pam_err); exit(1);