Date: Wed, 4 Dec 2024 18:38:43 GMT
Message-Id: <202412041838.4B4IchRq079452@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Ed Maste
Subject: git: 30bcbf8a2fef - stable/14 - comsat: move uid/gid setting earlier
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 30bcbf8a2fefe81e28bd9e293d9ee970464b0da4

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=30bcbf8a2fefe81e28bd9e293d9ee970464b0da4

commit 30bcbf8a2fefe81e28bd9e293d9ee970464b0da4
Author:     Ed Maste
AuthorDate: 2024-12-01 20:43:10 +0000
Commit:     Ed Maste
CommitDate: 2024-12-04 18:38:31 +0000

    comsat: move uid/gid setting earlier

    It's good to reduce privilege as early as possible.

    Suggested by: jlduran
    Reviewed by: jlduran
    Obtained from: NetBSD
    Sponsored by: The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D47869

    (cherry picked from commit 91629228e3df14997df12ffc6e7be6b9964e5463)
---
 libexec/comsat/comsat.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/libexec/comsat/comsat.c b/libexec/comsat/comsat.c index 1a9fb443e68e..2358336be61a 100644 --- a/libexec/comsat/comsat.c +++ b/libexec/comsat/comsat.c @@ -71,7 +71,7 @@ static int debug = 0; static char hostname[MAXHOSTNAMELEN]; -static void jkfprintf(FILE *, char[], char[], off_t); +static void jkfprintf(FILE *, char[], off_t); static void mailfor(char *); static void notify(struct utmpx *, char[], off_t, int); static void reapchildren(int);
@@ -159,6 +159,7 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder) FILE *tp; struct stat stb; struct termios tio; + struct passwd *p; char tty[20]; const char *s = utp->ut_line; @@ -192,6 +193,14 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder) } (void)tcgetattr(fileno(tp), &tio); cr = ((tio.c_oflag & (OPOST|ONLCR)) == (OPOST|ONLCR)) ? "\n" : "\n\r"; + + /* Set uid/gid/groups to user's in case mail drop is on nfs */ + if ((p = getpwnam(utp->ut_user)) == NULL || + initgroups(p->pw_name, p->pw_gid) == -1 || + setgid(p->pw_gid) == -1 || + setuid(p->pw_uid) == -1) + return; + switch (stb.st_mode & (S_IXUSR | S_IXGRP)) { case S_IXUSR: case (S_IXUSR | S_IXGRP): @@ -200,7 +209,7 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder) cr, utp->ut_user, (int)sizeof(hostname), hostname, folder ? cr : "", folder ? "to " : "", folder ? file : "", cr, cr); - jkfprintf(tp, utp->ut_user, file, offset); + jkfprintf(tp, file, offset); break; case S_IXGRP: (void)fprintf(tp, "\007"); @@ -216,21 +225,13 @@ notify(struct utmpx *utp, char file[], off_t offset, int folder) } static void -jkfprintf(FILE *tp, char user[], char file[], off_t offset) +jkfprintf(FILE *tp, char file[], off_t offset) { unsigned char *cp, ch; FILE *fi; int linecnt, charcnt, inheader; - struct passwd *p; unsigned char line[BUFSIZ]; - /* Set uid/gid/groups to user's in case mail drop is on nfs */ - if ((p = getpwnam(user)) == NULL || - initgroups(p->pw_name, p->pw_gid) == -1 || - setgid(p->pw_gid) == -1 || - setuid(p->pw_uid) == -1) - return; - if ((fi = fopen(file, "r")) == NULL) return;
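
Review bot: In the "@@ -192,6 +193,14 @@" hunk of notify(), the failure branch of the new getpwnam/initgroups/setgid/setuid chain is a bare "return;" taken while tp is already in use (the line above it calls tcgetattr(fileno(tp), &tio)), so a failed privilege drop now leaves notify() without closing tp and skips whatever follows the switch. When the same check lived in jkfprintf(), a failure only returned to the "break;" in the S_IXUSR case. Consider closing tp and logging which step failed before leaving. Because the block now sits ahead of the switch, a failed lookup also suppresses the S_IXGRP bell-only case, which did not depend on getpwnam() before; if that is intended, say so in the commit message. The carried-over comment still gives "in case mail drop is on nfs" as the reason, while the commit message gives early privilege reduction, so the comment should state that everything after this point, including the writes to tp, runs as the user.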
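
Review bot: In the "@@ -216,21 +225,13 @@" hunk, jkfprintf() now reaches fopen(file, "r") with no privilege handling of its own, so opening the mail file with the user's credentials depends entirely on the caller having completed the setgid/setuid sequence first. A short comment above jkfprintf() stating that precondition (caller must already be running as the recipient) would keep a future caller from opening the file with the daemon's credentials.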