From 0e3d3e345e3093d140a91b535b48ab9327dd6107 Mon Sep 17 00:00:00 2001
From: cgd
Date: Sat, 18 Dec 1993 02:42:17 +0000
Subject: [PATCH] plug security hole in "crontab -r". fix from Todd C. Miller
---
 usr.bin/crontab/crontab.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/usr.bin/crontab/crontab.c b/usr.bin/crontab/crontab.c
index 287d64375119..373d707b204d 100644
--- a/usr.bin/crontab/crontab.c
+++ b/usr.bin/crontab/crontab.c
@@ -1,5 +1,5 @@
 #ifndef lint
-static char rcsid[] = "$Id: crontab.c,v 1.6 1993/12/07 10:27:05 mycroft Exp $";
+static char rcsid[] = "$Id: crontab.c,v 1.7 1993/12/18 02:42:17 cgd Exp $";
 #endif /* not lint */
 #define MAIN_PROGRAM
@@ -172,10 +172,13 @@ parse_args(argc, argv)
 if (!strcmp(Filename, "-")) {
 NewCrontab = stdin;
 } else {
+ /* swap effective/real uid to plug security hole */
+ setreuid(geteuid(), getuid());
 if (!(NewCrontab = fopen(Filename, "r"))) {
 perror(Filename);
 exit(ERROR_EXIT);
 }
+ setreuid(getuid(), geteuid());
 }
 }
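Review bot: The restoring call after the `fopen()` does not swap anything back: once the first `setreuid(geteuid(), getuid())` has run, `getuid()` returns the old effective uid and `geteuid()` the old real uid, so `setreuid(getuid(), geteuid())` sets both ids to the values they already hold. Swapping back needs the same argument order as the first call, `setreuid(geteuid(), getuid());`, otherwise the rest of crontab presumably keeps running with the invoking user's effective uid. Neither call is checked either; if the first one fails, the file is still opened with the set-uid effective uid, so the drop should fail closed, e.g. `if (setreuid(geteuid(), getuid()) < 0) { perror("setreuid"); exit(ERROR_EXIT); }`. parse_args starts and ends outside this hunk.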