diff options
author | Jeremy Allison <jra@samba.org> | 1998-12-22 02:53:06 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-12-22 02:53:06 +0000 |
commit | 80810371e6ee2ed33cb22a3629373131e92a7ab4 (patch) | |
tree | addea2df3e938f8c84c27481715c02570930f06a /source/include | |
parent | a26d050828ede44d2beeb01edfa7bddd0c6deac0 (diff) | |
download | samba-80810371e6ee2ed33cb22a3629373131e92a7ab4.tar.gz samba-80810371e6ee2ed33cb22a3629373131e92a7ab4.tar.xz samba-80810371e6ee2ed33cb22a3629373131e92a7ab4.zip |
Rather large (I'm afraid) tidyup of the setuid handling code.
All setuid code now resides in the one module lib/util_sec.c.
The interfaces this module exports are :
void gain_root_privilage(void); - Set real/eff/saved uid's to 0.
void gain_root_group_privilage(void); - Set real/eff/saved gid's to 0.
int set_effective_uid(uid_t uid); - Set eff uid *only* to given value.
int set_effective_gid(gid_t gid); - Set eff gid *only* to given value.
BOOL become_user_permanently(uid_t uid, gid_t gid); - Set real/eff/saved uid's and gid's
to uid and gid permanently - with no way back to root.
Most of the quota code now uses these calls (except for a few
special cases).
smbd/chgpasswd.c: Ensured the dochild exits in the fork()'d child.
libsmb/nmblib.c: Fix from Jasper for memory leak.
Jeremy.
Diffstat (limited to 'source/include')
-rw-r--r-- | source/include/config.h.in | 12 | ||||
-rw-r--r-- | source/include/proto.h | 9 |
2 files changed, 20 insertions, 1 deletions
diff --git a/source/include/config.h.in b/source/include/config.h.in index 7b40cea96a4..c71ed429539 100644 --- a/source/include/config.h.in +++ b/source/include/config.h.in @@ -552,9 +552,15 @@ /* Define if you have the set_auth_parameters function. */ #undef HAVE_SET_AUTH_PARAMETERS +/* Define if you have the setegid function. */ +#undef HAVE_SETEGID + /* Define if you have the setenv function. */ #undef HAVE_SETENV +/* Define if you have the seteuid function. */ +#undef HAVE_SETEUID + /* Define if you have the setgroups function. */ #undef HAVE_SETGROUPS @@ -564,6 +570,12 @@ /* Define if you have the setnetgrent function. */ #undef HAVE_SETNETGRENT +/* Define if you have the setregid function. */ +#undef HAVE_SETREGID + +/* Define if you have the setreuid function. */ +#undef HAVE_SETREUID + /* Define if you have the setsid function. */ #undef HAVE_SETSID diff --git a/source/include/proto.h b/source/include/proto.h index 015edd8fbed..77228036ec2 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -296,7 +296,6 @@ void zero_free(void *p, size_t size); int set_maxfiles(int requested_max); void reg_get_subkey(char *full_keyname, char *key_name, char *subkey_name); BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name); -BOOL become_user_permanently(uid_t uid, gid_t gid); /*The following definitions come from lib/util_file.c */ @@ -311,6 +310,14 @@ BOOL setfilepwpos(void *vp, SMB_BIG_UINT tok); int getfileline(void *vp, char *linebuf, int linebuf_size); char *fgets_slash(char *s2,int maxlen,FILE *f); +/*The following definitions come from lib/util_sec.c */ + +void gain_root_privilage(void); +void gain_root_group_privilage(void); +int set_effective_uid(uid_t uid); +int set_effective_gid(gid_t gid); +BOOL become_user_permanently(uid_t uid, gid_t gid); + /*The following definitions come from lib/util_sid.c */ char *sid_to_string(pstring sidstr_out, DOM_SID *sid); |