PR/46127: Holger Weiss: "crontab <file>" fails for unprivileged users

XXX: Pullup to 6
christos 2012-03-02 19:26:40 +00:00
parent edf7bb773c
commit 2ed8e2f0f4
1 changed files with 27 additions and 19 deletions


@ -1,4 +1,4 @@
/* $NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $ */
/* $NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* All rights reserved
@ -25,7 +25,7 @@
#if 0
static char rcsid[] = "Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp";
#else
__RCSID("$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
__RCSID("$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
#endif
#endif
@ -66,7 +66,8 @@ static void list_cmd(void),
static int replace_cmd(void);
static int allowed(const char *, const char *, const char *);
static int in_file(const char *, FILE *, int);
static int swap_uids(void);
static int relinguish_priv(void);
static int regain_priv(void);
static void
usage(const char *msg) {
@ -80,6 +81,9 @@ usage(const char *msg) {
exit(ERROR_EXIT);
}
static uid_t euid, ruid;
static gid_t egid, rgid;
int
main(int argc, char *argv[]) {
int exitstatus;
@ -88,6 +92,14 @@ main(int argc, char *argv[]) {
Pid = getpid();
(void)setlocale(LC_ALL, "");
euid = geteuid();
egid = getegid();
ruid = getuid();
rgid = getgid();
if (euid == ruid || euid)
err(ERROR_EXIT, "Not installed setuid root");
(void)setvbuf(stderr, NULL, _IOLBF, 0);
parse_args(argc, argv); /* sets many globals, opens a file */
set_cron_cwd();
@ -211,13 +223,13 @@ parse_args(int argc, char *argv[]) {
* the race.
*/
if (swap_uids() < OK) {
if (relinguish_priv() < OK) {
err(ERROR_EXIT, "swapping uids");
}
if (!(NewCrontab = fopen(Filename, "r"))) {
err(ERROR_EXIT, "cannot open `%s'", Filename);
}
if (swap_uids() < OK) {
if (regain_priv() < OK) {
err(ERROR_EXIT, "swapping uids back");
}
}
@ -587,7 +599,7 @@ replace_cmd(void) {
*/
(void)fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n");
(void)fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now));
(void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $");
(void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.4 2012/03/02 19:26:40 christos Exp $");
/* copy the crontab to the tmp
*/
@ -772,25 +784,21 @@ in_file(const char *string, FILE *file, int error)
#ifdef HAVE_SAVED_UIDS
static int swap_uids(void) {
return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
static int relinguish_priv(void) {
return (setegid(rgid) || seteuid(ruid)) ? -1 : 0;
}
#if 0
static int swap_uids_back(void) {
return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0);
static int regain_priv(void) {
return (setegid(egid) || seteuid(euid)) ? -1 : 0;
}
#endif
#else /*HAVE_SAVED_UIDS*/
static int swap_uids(void) {
return ((setregid(getegid(), getgid()) || setreuid(geteuid(), getuid()))
? -1 : 0);
static int relinguish_priv(void) {
return (setregid(egid, rgid) || setreuid(euid, ruid)) ? -1 : 0;
}
#if 0
static int swap_uids_back(void) {
return (swap_uids());
static int regain_priv(void) {
return (setregid(rgid, egid) || setreuid(ruid, euid)) ? -1 : 0;
}
#endif
#endif /*HAVE_SAVED_UIDS*/
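Review bot: The new startup check in main(), `if (euid == ruid || euid)`, also rejects root itself: when root runs crontab both ids are 0, so `euid == ruid` is true and the program exits with "Not installed setuid root" even though it already has the privilege it needs. Testing only the effective uid keeps the intended guard without locking root out, e.g. `if (euid != 0) errx(ERROR_EXIT, "Not installed setuid root");`. `errx` is also the better fit, because no call has failed at that point and `err` would append an unrelated errno string to the message. Separately, `relinguish_priv` looks like a misspelling of `relinquish_priv`, and the "swapping uids" / "swapping uids back" messages in parse_args no longer describe what the renamed calls do. main()'s body continues outside the hunk.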