upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 00:32:25 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

comsat: Improve use of setuid()

Browse source 
Just return from jkfprintf if either (a) user lookup fails (that is,
getpwnam fails) or (b) setuid() to the user's uid fails.  If comsat is
invoked from inetd using the default of tty:tty we will now return due
to setuid() failing rather than fopen() failing.

PR:		270404
Reviewed by:	kevans
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47823

(cherry picked from commit 062b69ba04)
This commit is contained in:
Ed Maste 2024-11-27 15:36:46 -05:00
parent 2d7d4c6626
commit 957f7a2a58
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
libexec/comsat/comsat.c
View file

@ -225,8 +225,10 @@ jkfprintf(FILE *tp, char user[], char file[], off_t offset)
unsigned char line[BUFSIZ];
/* Set effective uid to user in case mail drop is on nfs */
if ((p = getpwnam(user)) != NULL)
(void) setuid(p->pw_uid);
if ((p = getpwnam(user)) == NULL)
return;
if (setuid(p->pw_uid) != 0)
return;
if ((fi = fopen(file, "r")) == NULL)
return;