From 44979a147df0adcf214ecc2f6d9518c6964402e6 Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Sat, 29 Apr 1995 00:36:13 +0000
Subject: Don't use setreuid() to play games with the real uid, since not all
 systems have setreuid().  This method of communicating to in_tkt what the
 correct owner of the ticket file is completely broken, anyway.  We skip the
 setreuid() entirely, and then chown the ticket file to the correct owner and
 group afterwards.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5650 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/appl/bsd/ChangeLog |  9 +++++++++
 src/appl/bsd/login.c   | 24 +++++-------------------
 2 files changed, 14 insertions(+), 19 deletions(-)

(limited to 'src/appl')

diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index 59155fd25..4936f4356 100644
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,3 +1,12 @@
+Fri Apr 28 20:33:06 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+	* login.c (main): Don't use setreuid() to play games with the real
+		uid, since not all systems have setreuid().  This method
+		of communicating to in_tkt what the correct owner of the
+		ticket file is completely broken, anyway.  We skip the
+		setreuid() entirely, and then chown the ticket file to the
+		correct owner and group afterwards.
+
 Fri Apr 28 17:59:19 1995  Mark Eichin  <eichin@cygnus.com>
 
 	* Makefile.in (KLIB): include KRB4_LIB directly, to satisfy both
diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c
index 0b8857b3c..4d618e6db 100644
--- a/src/appl/bsd/login.c
+++ b/src/appl/bsd/login.c
@@ -616,21 +616,8 @@ int main(argc, argv)
 		    _res.retrans = 1;
 #endif /* BIND_HACK */
 
-#ifdef _IBMR2
-		    krbval = setuidx(ID_REAL|ID_EFFECTIVE, pwd->pw_uid);
-#else
-		    krbval = setreuid(pwd->pw_uid, -1);
-#endif
-		    if (krbval) {
-			/* can't set ruid to user! */
-			krbval = -1;
-			fprintf(stderr,
-				"login: Can't set ruid for ticket file.\n");
-		    } else
-			krbval = krb_get_pw_in_tkt(username, "",
-						   realm, "krbtgt",
-						   realm,
-						   DEFAULT_TKT_LIFE, pp2);
+		    krbval = krb_get_pw_in_tkt(username, "", realm, "krbtgt",
+					       realm, DEFAULT_TKT_LIFE, pp2);
 		    memset (pp2, 0, sizeof(pp2));
 #ifdef HAVE_SETPRIORITY
 		    (void) setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
@@ -639,6 +626,8 @@ int main(argc, argv)
 		    case INTK_OK:
 			kpass_ok = 1;
 			krbflag = 1;
+			strcpy(tkfile, tkt_string());
+			(void) chown(tkfile, pwd->pw_uid, pwd->pw_gid);
 			break;	
 
 		    /* These errors should be silent */
@@ -798,10 +787,7 @@ bad_login:
 
 	(void)chown(ttyn, pwd->pw_uid,
 	    (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid);
-#ifdef KRB4
-	if(krbflag)
-	    (void) chown(getenv(KRB_ENVIRON), pwd->pw_uid, pwd->pw_gid);
-#endif
+
 	(void)chmod(ttyn, 0620);
 #ifdef KRB4
 #ifdef SETPAG
-- 
cgit