svn commit: r208132 - head/sbin/bsdlabel
Kevin Lo
kevlo at FreeBSD.org
Sun May 16 08:03:25 UTC 2010
Author: kevlo
Date: Sun May 16 08:03:24 2010
New Revision: 208132
URL: http://svn.freebsd.org/changeset/base/208132
Log:
Use setresuid/setresgid to drop privileges
Modified:
head/sbin/bsdlabel/bsdlabel.c
Modified: head/sbin/bsdlabel/bsdlabel.c
==============================================================================
--- head/sbin/bsdlabel/bsdlabel.c Sun May 16 07:46:03 2010 (r208131)
+++ head/sbin/bsdlabel/bsdlabel.c Sun May 16 08:03:24 2010 (r208132)
@@ -684,6 +684,8 @@ editit(void)
int pid, xpid;
int locstat, omask;
const char *ed;
+ uid_t uid;
+ gid_t gid;
omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGHUP));
while ((pid = fork()) < 0) {
@@ -699,8 +701,12 @@ editit(void)
}
if (pid == 0) {
sigsetmask(omask);
- setgid(getgid());
- setuid(getuid());
+ gid = getgid();
+ if (setresgid(gid, gid, gid) == -1)
+ err(1, "setresgid");
+ uid = getuid();
+ if (setresuid(uid, uid, uid) == -1)
+ err(1, "setresuid");
if ((ed = getenv("EDITOR")) == (char *)0)
ed = DEFEDITOR;
execlp(ed, ed, tmpfil, (char *)0);
More information about the svn-src-all
mailing list