git: 30bcbf8a2fef - stable/14 - comsat: move uid/gid setting earlier

From: Ed Maste <emaste_at_FreeBSD.org>
Date: Wed, 04 Dec 2024 18:38:43 UTC
The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=30bcbf8a2fefe81e28bd9e293d9ee970464b0da4

commit 30bcbf8a2fefe81e28bd9e293d9ee970464b0da4
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-12-01 20:43:10 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-12-04 18:38:31 +0000

    comsat: move uid/gid setting earlier
    
    It's good to reduce privilege as early as possible.
    
    Suggested by:   jlduran
    Reviewed by:    jlduran
    Obtained from:  NetBSD
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D47869
    
    (cherry picked from commit 91629228e3df14997df12ffc6e7be6b9964e5463)
---
 libexec/comsat/comsat.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/libexec/comsat/comsat.c b/libexec/comsat/comsat.c
index 1a9fb443e68e..2358336be61a 100644
--- a/libexec/comsat/comsat.c
+++ b/libexec/comsat/comsat.c
@@ -71,7 +71,7 @@ static int	debug = 0;
 
 static char	hostname[MAXHOSTNAMELEN];
 
-static void	jkfprintf(FILE *, char[], char[], off_t);
+static void	jkfprintf(FILE *, char[], off_t);
 static void	mailfor(char *);
 static void	notify(struct utmpx *, char[], off_t, int);
 static void	reapchildren(int);
@@ -159,6 +159,7 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder)
 	FILE *tp;
 	struct stat stb;
 	struct termios tio;
+	struct passwd *p;
 	char tty[20];
 	const char *s = utp->ut_line;
 
@@ -192,6 +193,14 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder)
 	}
 	(void)tcgetattr(fileno(tp), &tio);
 	cr = ((tio.c_oflag & (OPOST|ONLCR)) == (OPOST|ONLCR)) ?  "\n" : "\n\r";
+
+	/* Set uid/gid/groups to user's in case mail drop is on nfs */
+	if ((p = getpwnam(utp->ut_user)) == NULL ||
+	    initgroups(p->pw_name, p->pw_gid) == -1 ||
+	    setgid(p->pw_gid) == -1 ||
+	    setuid(p->pw_uid) == -1)
+		return;
+
 	switch (stb.st_mode & (S_IXUSR | S_IXGRP)) {
 	case S_IXUSR:
 	case (S_IXUSR | S_IXGRP):
@@ -200,7 +209,7 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder)
 		    cr, utp->ut_user, (int)sizeof(hostname), hostname,
 		    folder ? cr : "", folder ? "to " : "", folder ? file : "",
 		    cr, cr);
-		jkfprintf(tp, utp->ut_user, file, offset);
+		jkfprintf(tp, file, offset);
 		break;
 	case S_IXGRP:
 		(void)fprintf(tp, "\007");
@@ -216,21 +225,13 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder)
 }
 
 static void
-jkfprintf(FILE *tp, char user[], char file[], off_t offset)
+jkfprintf(FILE *tp, char file[], off_t offset)
 {
 	unsigned char *cp, ch;
 	FILE *fi;
 	int linecnt, charcnt, inheader;
-	struct passwd *p;
 	unsigned char line[BUFSIZ];
 
-	/* Set uid/gid/groups to user's in case mail drop is on nfs */
-	if ((p = getpwnam(user)) == NULL ||
-	    initgroups(p->pw_name, p->pw_gid) == -1 ||
-	    setgid(p->pw_gid) == -1 ||
-	    setuid(p->pw_uid) == -1)
-		return;
-
 	if ((fi = fopen(file, "r")) == NULL)
 		return;