Module Name: src Committed By: riz Date: Wed Mar 7 23:41:17 UTC 2012
Modified Files: src/external/bsd/cron/dist [netbsd-6]: crontab.c Log Message: Pull up following revision(s) (requested by dholland in ticket #88): external/bsd/cron/dist/crontab.c: revision 1.4 external/bsd/cron/dist/crontab.c: revision 1.5 PR/46127: Holger Weiss: "crontab <file>" fails for unprivileged users XXX: Pullup to 6 Fix multiple problems in previous commit: 1.) Correct set-uid check to allow "root" to run "crontab -l" again. 2.) Don't print the last error reported in "errno" in case "crontab" is not installed set-uid "root". As no system call failed, "errno" is set to zero. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.8.1 src/external/bsd/cron/dist/crontab.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/external/bsd/cron/dist/crontab.c diff -u src/external/bsd/cron/dist/crontab.c:1.3 src/external/bsd/cron/dist/crontab.c:1.3.8.1 --- src/external/bsd/cron/dist/crontab.c:1.3 Tue May 18 21:47:43 2010 +++ src/external/bsd/cron/dist/crontab.c Wed Mar 7 23:41:17 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $ */ +/* $NetBSD: crontab.c,v 1.3.8.1 2012/03/07 23:41:17 riz Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved @@ -25,7 +25,7 @@ #if 0 static char rcsid[] = "Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp"; #else -__RCSID("$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $"); +__RCSID("$NetBSD: crontab.c,v 1.3.8.1 2012/03/07 23:41:17 riz Exp $"); #endif #endif @@ -66,7 +66,8 @@ static void list_cmd(void), static int replace_cmd(void); static int allowed(const char *, const char *, const char *); static int in_file(const char *, FILE *, int); -static int swap_uids(void); +static int relinguish_priv(void); +static int regain_priv(void); static void usage(const char *msg) { @@ -80,6 +81,9 @@ usage(const char *msg) { exit(ERROR_EXIT); } +static uid_t euid, ruid; +static gid_t egid, rgid; + int main(int argc, char *argv[]) { int exitstatus; @@ -88,6 +92,14 @@ main(int argc, char *argv[]) { Pid = getpid(); (void)setlocale(LC_ALL, ""); + euid = geteuid(); + egid = getegid(); + ruid = getuid(); + rgid = getgid(); + + if (euid == ruid && ruid != 0) + errx(ERROR_EXIT, "Not installed setuid root"); + (void)setvbuf(stderr, NULL, _IOLBF, 0); parse_args(argc, argv); /* sets many globals, opens a file */ set_cron_cwd(); @@ -211,13 +223,13 @@ parse_args(int argc, char *argv[]) { * the race. */ - if (swap_uids() < OK) { + if (relinguish_priv() < OK) { err(ERROR_EXIT, "swapping uids"); } if (!(NewCrontab = fopen(Filename, "r"))) { err(ERROR_EXIT, "cannot open `%s'", Filename); } - if (swap_uids() < OK) { + if (regain_priv() < OK) { err(ERROR_EXIT, "swapping uids back"); } } 
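Review bot: The new helper name `relinguish_priv` in the prototype hunk (`@@ -66,7 +66,8 @@`) is misspelled; `relinquish_priv` would be the spelling a maintainer searches for when auditing the set-uid handling. The same spelling recurs in the `parse_args` call (`if (relinguish_priv() < OK)`) and in both `HAVE_SAVED_UIDS` variants of the definition at the end of the file, so all of those sites would change together. The `err()` texts "swapping uids" and "swapping uids back" in `parse_args` also still describe the old `swap_uids()` naming; something like `err(ERROR_EXIT, "dropping privileges")` would match the new helpers.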
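Review bot: The install check added to `main` (`@@ -88,6 +92,14 @@`), `if (euid == ruid && ruid != 0)`, only detects that no uid switch happened at exec; it never confirms that the effective uid is root. A binary installed set-uid to some other account would pass it even though the message says "Not installed setuid root", and the later privileged steps would then presumably fail in less obvious ways. If set-uid root is the only supported install, `if (euid != 0) errx(ERROR_EXIT, "Not installed setuid root");` states that directly and still lets root run the program. The four file-scope IDs declared just before `main` could carry a comment such as `/* IDs as they were at startup; relinquish/regain switch between them */`. `main` continues outside the hunk.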
@@ -587,7 +599,7 @@ replace_cmd(void) { */ (void)fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n"); (void)fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now)); - (void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.3 2010/05/18 21:47:43 christos Exp $"); + (void)fprintf(tmp, "# (Cron version %s -- %s)\n", CRON_VERSION, "$NetBSD: crontab.c,v 1.3.8.1 2012/03/07 23:41:17 riz Exp $"); /* copy the crontab to the tmp */ @@ -772,25 +784,21 @@ in_file(const char *string, FILE *file, #ifdef HAVE_SAVED_UIDS -static int swap_uids(void) { - return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0); +static int relinguish_priv(void) { + return (setegid(rgid) || seteuid(ruid)) ? -1 : 0; } -#if 0 -static int swap_uids_back(void) { - return ((setegid(getgid()) || seteuid(getuid())) ? -1 : 0); + +static int regain_priv(void) { + return (setegid(egid) || seteuid(euid)) ? -1 : 0; } -#endif #else /*HAVE_SAVED_UIDS*/ -static int swap_uids(void) { - return ((setregid(getegid(), getgid()) || setreuid(geteuid(), getuid())) - ? -1 : 0); +static int relinguish_priv(void) { + return (setregid(egid, rgid) || setreuid(euid, ruid)) ? -1 : 0; } -#if 0 -static int swap_uids_back(void) { - return (swap_uids()); +static int regain_priv(void) { + return (setregid(rgid, egid) || setreuid(ruid, euid)) ? -1 : 0; } -#endif #endif /*HAVE_SAVED_UIDS*/
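Review bot: `relinguish_priv()` in the last hunk (`@@ -772,25 +784,21 @@`) reports success from the return values of `setegid`/`seteuid` (or `setregid`/`setreuid`) alone and never confirms that the effective IDs actually became the real ones before `parse_args` opens the user-supplied file. A cheap post-condition closes that gap: `if (setegid(rgid) || seteuid(ruid)) return -1;` followed by `return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;`, with the equivalent check in the `#else` variant. A short comment on each helper would also help, e.g. `/* temporary drop: group first, while still privileged; undone by regain_priv() */`. In the saved-IDs `regain_priv()`, `setegid(egid)` runs while the effective uid is still the unprivileged one, which presumably relies on `egid` being the saved set-group-ID; that deserves a one-line comment as well.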