diff options
author | Theodore Tso <tytso@mit.edu> | 1995-04-29 00:36:13 +0000 |
---|---|---|
committer | Theodore Tso <tytso@mit.edu> | 1995-04-29 00:36:13 +0000 |
commit | 44979a147df0adcf214ecc2f6d9518c6964402e6 (patch) | |
tree | 367898edf77ab9b053ab11a69ee02ff71977129d /src/appl | |
parent | 748eaae393eb90ad6aa519835d37e05bc4ad3be8 (diff) | |
download | krb5-44979a147df0adcf214ecc2f6d9518c6964402e6.tar.gz krb5-44979a147df0adcf214ecc2f6d9518c6964402e6.tar.xz krb5-44979a147df0adcf214ecc2f6d9518c6964402e6.zip |
Don't use setreuid() to play games with the real uid, since not all
systems have setreuid(). This method of communicating to in_tkt what
the correct owner of the ticket file is completely broken, anyway. We
skip the setreuid() entirely, and then chown the ticket file to the
correct owner and group afterwards.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5650 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl')
-rw-r--r-- | src/appl/bsd/ChangeLog | 9 | ||||
-rw-r--r-- | src/appl/bsd/login.c | 24 |
2 files changed, 14 insertions, 19 deletions
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 59155fd25..4936f4356 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,12 @@ +Fri Apr 28 20:33:06 1995 Theodore Y. Ts'o <tytso@dcl> + + * login.c (main): Don't use setreuid() to play games with the real + uid, since not all systems have setreuid(). This method + of communicating to in_tkt what the correct owner of the + ticket file is completely broken, anyway. We skip the + setreuid() entirely, and then chown the ticket file to the + correct owner and group afterwards. + Fri Apr 28 17:59:19 1995 Mark Eichin <eichin@cygnus.com> * Makefile.in (KLIB): include KRB4_LIB directly, to satisfy both diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index 0b8857b3c..4d618e6db 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -616,21 +616,8 @@ int main(argc, argv) _res.retrans = 1; #endif /* BIND_HACK */ -#ifdef _IBMR2 - krbval = setuidx(ID_REAL|ID_EFFECTIVE, pwd->pw_uid); -#else - krbval = setreuid(pwd->pw_uid, -1); -#endif - if (krbval) { - /* can't set ruid to user! */ - krbval = -1; - fprintf(stderr, - "login: Can't set ruid for ticket file.\n"); - } else - krbval = krb_get_pw_in_tkt(username, "", - realm, "krbtgt", - realm, - DEFAULT_TKT_LIFE, pp2); + krbval = krb_get_pw_in_tkt(username, "", realm, "krbtgt", + realm, DEFAULT_TKT_LIFE, pp2); memset (pp2, 0, sizeof(pp2)); #ifdef HAVE_SETPRIORITY (void) setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); @@ -639,6 +626,8 @@ int main(argc, argv) case INTK_OK: kpass_ok = 1; krbflag = 1; + strcpy(tkfile, tkt_string()); + (void) chown(tkfile, pwd->pw_uid, pwd->pw_gid); break; /* These errors should be silent */ @@ -798,10 +787,7 @@ bad_login: (void)chown(ttyn, pwd->pw_uid, (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); -#ifdef KRB4 - if(krbflag) - (void) chown(getenv(KRB_ENVIRON), pwd->pw_uid, pwd->pw_gid); -#endif + (void)chmod(ttyn, 0620); #ifdef KRB4 #ifdef SETPAG |