* Use setreuid if setresuid is not available.

This commit is contained in:
Eelco Dolstra 2006-12-03 14:32:22 +00:00
parent a9f9241054
commit 84d6459bd5
2 changed files with 17 additions and 7 deletions

View file

@ -238,11 +238,15 @@ AM_CONDITIONAL(INIT_STATE, test "$init_state" = "yes")
# Setuid installations. # Setuid installations.
AC_CHECK_FUNC(setresuid, [HAVE_SETRESUID=1], [HAVE_SETRESUID=]) AC_CHECK_FUNC(setresuid, [HAVE_SETRESUID=1], [HAVE_SETRESUID=])
AM_CONDITIONAL(HAVE_SETRESUID, test "$HAVE_SETRESUID" = "1")
if test "$HAVE_SETRESUID" = "1"; then if test "$HAVE_SETRESUID" = "1"; then
AC_DEFINE(HAVE_SETRESUID, 1, [whether we have setresuid()]) AC_DEFINE(HAVE_SETRESUID, 1, [whether we have setresuid()])
fi fi
AC_CHECK_FUNC(setreuid, [HAVE_SETREUID=1], [HAVE_SETREUID=])
if test "$HAVE_SETREUID" = "1"; then
AC_DEFINE(HAVE_SETREUID, 1, [whether we have setreuid()])
fi
# This is needed if ATerm, Berkeley DB or bzip2 are static libraries, # This is needed if ATerm, Berkeley DB or bzip2 are static libraries,
# and the Nix libraries are dynamic. # and the Nix libraries are dynamic.

View file

@ -244,13 +244,19 @@ static void setuidInit()
could also modify the Nix executables (say, replace them by a could also modify the Nix executables (say, replace them by a
Trojan horse), so the problem is already there. */ Trojan horse), so the problem is already there. */
#if HAVE_SETRESUID #if 0 && HAVE_SETRESUID
setresuid(nixUid, nixUid, nixUid); if (setresuid(nixUid, nixUid, nixUid)) abort();
setresgid(nixGid, nixGid, nixGid); if (setresgid(nixGid, nixGid, nixGid)) abort();
#else #elif HAVE_SETREUID
/* Note: doesn't set saved uid/gid! */ /* Note: doesn't set saved uid/gid! */
setuid(nixUid); fprintf(stderr, "warning: cannot set saved uid\n");
setgid(nixGid); if (setreuid(nixUid, nixUid)) abort();
if (setregid(nixGid, nixGid)) abort();
#else
/* Note: doesn't set real and saved uid/gid! */
fprintf(stderr, "warning: cannot set real and saved uids\n");
if (setuid(nixUid)) abort();
if (setgid(nixGid)) abort();
#endif #endif
} }