Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 16 May 2010 08:03:24 +0000 (UTC)
From:      Kevin Lo <kevlo@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r208132 - head/sbin/bsdlabel
Message-ID:  <201005160803.o4G83OHV039769@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: kevlo
Date: Sun May 16 08:03:24 2010
New Revision: 208132
URL: http://svn.freebsd.org/changeset/base/208132

Log:
  Use setresuid/setresgid to drop privileges

Modified:
  head/sbin/bsdlabel/bsdlabel.c

Modified: head/sbin/bsdlabel/bsdlabel.c
==============================================================================
--- head/sbin/bsdlabel/bsdlabel.c	Sun May 16 07:46:03 2010	(r208131)
+++ head/sbin/bsdlabel/bsdlabel.c	Sun May 16 08:03:24 2010	(r208132)
@@ -684,6 +684,8 @@ editit(void)
 	int pid, xpid;
 	int locstat, omask;
 	const char *ed;
+	uid_t uid;
+	gid_t gid;
 
 	omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGHUP));
 	while ((pid = fork()) < 0) {
@@ -699,8 +701,12 @@ editit(void)
 	}
 	if (pid == 0) {
 		sigsetmask(omask);
-		setgid(getgid());
-		setuid(getuid());
+		gid = getgid();
+		if (setresgid(gid, gid, gid) == -1)
+			err(1, "setresgid");
+		uid = getuid();
+		if (setresuid(uid, uid, uid) == -1)
+			err(1, "setresuid");
 		if ((ed = getenv("EDITOR")) == (char *)0)
 			ed = DEFEDITOR;
 		execlp(ed, ed, tmpfil, (char *)0);

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201005160803.o4G83OHV039769>