diff options
| author | Andrew Tridgell <tridge@samba.org> | 1996-06-01 15:25:30 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 1996-06-01 15:25:30 +0000 |
| commit | 72543810ce3eb5ea7b141f957edf38b4c46b1ea4 (patch) | |
| tree | c0c68bd53088f2ee25dd0c59475920bcd7e07bb8 /source/smbd/smbrun.c | |
| parent | 8a0a06cba939e91e2379d0c5367b8817e7328077 (diff) | |
| download | samba-72543810ce3eb5ea7b141f957edf38b4c46b1ea4.tar.gz samba-72543810ce3eb5ea7b141f957edf38b4c46b1ea4.tar.xz samba-72543810ce3eb5ea7b141f957edf38b4c46b1ea4.zip | |
- moved the uid handling to uid.c
- added setfsuid() support (for Linux)
- started adding some of Lukes changes, just the loadparm and ipc ones
so far
Diffstat (limited to 'source/smbd/smbrun.c')
| -rw-r--r-- | source/smbd/smbrun.c | 71 |
1 files changed, 36 insertions, 35 deletions
diff --git a/source/smbd/smbrun.c b/source/smbd/smbrun.c index df12ae1f85c..6c9ba52b8b6 100644 --- a/source/smbd/smbrun.c +++ b/source/smbd/smbrun.c @@ -44,53 +44,54 @@ static void close_fds(void) This is a wrapper around the system call to allow commands to run correctly as non root from a program which is switching between root and non-root -It takes one argument as argv[1] and runs it after becoming a non-root -user -*/ +It takes 3 arguments as uid,gid,command and runs command after +becoming a non-root user */ int main(int argc,char *argv[]) { + int uid,gid; + close_fds(); - if (getuid() != geteuid()) - { - int uid,gid; - - if (getuid() == 0) - uid = geteuid(); - else - uid = getuid(); - - if (getgid() == 0) - gid = getegid(); - else - gid = getgid(); - + if (argc != 4) exit(2); + + uid = atoi(argv[1]); + gid = atoi(argv[2]); + + /* first become root - we may need to do this in order to lose + our privilages! */ #ifdef USE_SETRES - setresgid(0,0,0); - setresuid(0,0,0); - setresgid(gid,gid,gid); - setresuid(uid,uid,uid); + setresgid(0,0,0); + setresuid(0,0,0); #else - setuid(0); - seteuid(0); - setgid(gid); - setegid(gid); - setuid(uid); - seteuid(uid); + setuid(0); + seteuid(0); #endif - if (getuid() != uid) - return(3); - } +#ifdef USE_SETFS + setfsuid(uid); + setfsgid(gid); +#endif + +#ifdef USE_SETRES + setresgid(gid,gid,gid); + setresuid(uid,uid,uid); +#else + setgid(gid); + setegid(gid); + setuid(uid); + seteuid(uid); +#endif - if (geteuid() != getuid()) - return(1); - if (argc < 2) - return(2); + /* paranoia :-) */ + if (getuid() != uid) + return(3); + + if (geteuid() != getuid()) + return(4); /* this is to make sure that the system() call doesn't run forever */ alarm(30); - return(system(argv[1])); + return(system(argv[3])); } |