diff options
author | Rob Landley | 2006-07-16 08:06:34 +0000 |
---|---|---|
committer | Rob Landley | 2006-07-16 08:06:34 +0000 |
commit | afb94ecf2bb6c53ce2a381d6ce45a426243c76d9 (patch) | |
tree | 0390f5cfb0cfd70882175f7e383a30d8cb1527cc /networking | |
parent | 25c194fd1941a7ba67d68a09fa101bc54a756a14 (diff) | |
download | busybox-afb94ecf2bb6c53ce2a381d6ce45a426243c76d9.zip busybox-afb94ecf2bb6c53ce2a381d6ce45a426243c76d9.tar.gz |
Convert setuid/setgid users to xsetuid/xsetgid.
Diffstat (limited to 'networking')
-rw-r--r-- | networking/arping.c | 3 | ||||
-rw-r--r-- | networking/ether-wake.c | 2 | ||||
-rw-r--r-- | networking/fakeidentd.c | 4 | ||||
-rw-r--r-- | networking/inetd.c | 6 | ||||
-rw-r--r-- | networking/traceroute.c | 8 |
5 files changed, 11 insertions, 12 deletions
diff --git a/networking/arping.c b/networking/arping.c index 6cb6076..5665ddb 100644 --- a/networking/arping.c +++ b/networking/arping.c @@ -262,7 +262,8 @@ int arping_main(int argc, char **argv) s = socket(PF_PACKET, SOCK_DGRAM, 0); ifindex = errno; - setuid(getuid()); + // Drop suid root privileges + xsetuid(getuid()); { unsigned long opt; diff --git a/networking/ether-wake.c b/networking/ether-wake.c index b4fb0c2..1803d22 100644 --- a/networking/ether-wake.c +++ b/networking/ether-wake.c @@ -145,7 +145,7 @@ int etherwake_main(int argc, char *argv[]) s = make_socket(); /* now that we have a raw socket we can drop root */ - setuid(getuid()); + xsetuid(getuid()); /* look up the dest mac address */ get_dest_addr(argv[optind], &eaddr); diff --git a/networking/fakeidentd.c b/networking/fakeidentd.c index b5b70f5..9cdbc57 100644 --- a/networking/fakeidentd.c +++ b/networking/fakeidentd.c @@ -159,8 +159,8 @@ static int godaemon(void) close(0); inetbind(); - if (setgid(nogrp)) bb_error_msg_and_die("Could not setgid()"); - if (setuid(nobody)) bb_error_msg_and_die("Could not setuid()"); + xsetgid(nogrp); + xsetuid(nobody); close(1); close(2); diff --git a/networking/inetd.c b/networking/inetd.c index d50bbd3..54294b6 100644 --- a/networking/inetd.c +++ b/networking/inetd.c @@ -1513,11 +1513,11 @@ inetd_main (int argc, char *argv[]) if (sep->se_group) { pwd->pw_gid = grp->gr_gid; } - setgid ((gid_t) pwd->pw_gid); + xsetgid ((gid_t) pwd->pw_gid); initgroups (pwd->pw_name, pwd->pw_gid); - setuid ((uid_t) pwd->pw_uid); + xsetuid((uid_t) pwd->pw_uid); } else if (sep->se_group) { - setgid (grp->gr_gid); + xsetgid(grp->gr_gid); setgroups (1, &grp->gr_gid); } dup2 (ctrl, 0); diff --git a/networking/traceroute.c b/networking/traceroute.c index 79f3957..c2084fc 100644 --- a/networking/traceroute.c +++ b/networking/traceroute.c @@ -941,7 +941,6 @@ traceroute_main(int argc, char *argv[]) #endif u_short off = 0; struct IFADDRLIST *al; - int uid = getuid(); char *device = NULL; int max_ttl = 30; char *max_ttl_str = NULL; @@ -1010,8 +1009,7 @@ traceroute_main(int argc, char *argv[]) * set the ip source address of the outbound * probe (e.g., on a multi-homed host). */ - if (uid) - bb_error_msg_and_die("-s %s: Permission denied", source); + if (getuid()) bb_error_msg_and_die("-s %s: Permission denied", source); } if(waittime_str) waittime = str2val(waittime_str, "wait time", 2, 24 * 60 * 60); @@ -1160,8 +1158,8 @@ traceroute_main(int argc, char *argv[]) sizeof(on)); /* Revert to non-privileged user after opening sockets */ - setgid(getgid()); - setuid(uid); + xsetgid(getgid()); + xsetuid(getuid()); outip = (struct ip *)xcalloc(1, (unsigned)packlen); |