Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

plug security hole in "crontab -r". 

fix from Todd C. Miller <millert@cs.Colorado.EDU>
This commit is contained in:
cgd 1993-12-18 02:42:17 +00:00
parent c1bb61de2d
commit 0e3d3e345e
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
usr.bin/crontab/crontab.c
View File

@ -1,5 +1,5 @@
#ifndef lint
static char rcsid[] = "$Id: crontab.c,v 1.6 1993/12/07 10:27:05 mycroft Exp $";
static char rcsid[] = "$Id: crontab.c,v 1.7 1993/12/18 02:42:17 cgd Exp $";
#endif /* not lint */
#define MAIN_PROGRAM
@ -172,10 +172,13 @@ parse_args(argc, argv)
if (!strcmp(Filename, "-")) {
NewCrontab = stdin;
} else {
/* swap effective/real uid to plug security hole */
setreuid(geteuid(), getuid());
if (!(NewCrontab = fopen(Filename, "r"))) {
perror(Filename);
exit(ERROR_EXIT);
}
setreuid(getuid(), geteuid());
}
}