- * Revision 1.6 1997/09/05 13:47:44 mdw
+ * Revision 1.7 1997/09/08 13:43:20 mdw
+ * Change userid when creating tracefiles rather than fiddling with
+ * `access': it works rather better. Also, insert some stdio buffer
+ * flushing to ensure tracedumps are completely written.
+ *
+ * Revision 1.6 1997/09/05 13:47:44 mdw
- if ((flags & f_setuid) && access(optarg, W_OK)) {
- die("no write permission for trace file file `%s': %s",
- optarg, strerror(errno));
+ uid_t eu = geteuid(), ru = getuid();
+
+#ifdef HAVE_SETREUID
+ if (setreuid(eu, ru))
+#else
+ if (seteuid(ru))
+#endif
+ {
+ die("couldn't temporarily give up privileges: %s",
+ strerror(errno));
if ((fp = fopen(optarg, "w")) == 0) {
die("couldn't open trace file `%s' for writing: %s",
optarg, strerror(errno));
}
if ((fp = fopen(optarg, "w")) == 0) {
die("couldn't open trace file `%s' for writing: %s",
optarg, strerror(errno));
}
- * Any environment string which has one of the following as a prefix
- * will be expunged from the environment passed to the called process.
- * The first line lists variables which have been used to list search
- * paths for shared libraries: by manipulating these, an attacker could
- * replace a standard library with one of his own. The second line lists
- * other well-known dangerous environment variables.
+ * Any environment string which has one of the following as a prefix will
+ * be expunged from the environment passed to the called process. The
+ * first line lists variables which have been used to list search paths
+ * for shared libraries: by manipulating these, an attacker could replace
+ * a standard library with one of his own. The second line lists other
+ * well-known dangerous environment variables.
sprintf(rq.cmd, "%s/%s", p, todo[0]);
if (stat(rq.cmd, &st) == 0 && /* Check it exists */
st.st_mode & 0111 && /* Check it's executable */
sprintf(rq.cmd, "%s/%s", p, todo[0]);
if (stat(rq.cmd, &st) == 0 && /* Check it exists */
st.st_mode & 0111 && /* Check it's executable */
execve(rq.cmd, todo, env);
die("couldn't exec `%s': %s", rq.cmd, strerror(errno));
return (127);
execve(rq.cmd, todo, env);
die("couldn't exec `%s': %s", rq.cmd, strerror(errno));
return (127);