Subject: setusercontext(3)
To: None <tech-userlevel@netbsd.org>
From: Nick Hudson <nick@nthcliff.demon.co.uk>
List: tech-userlevel
Date: 12/31/2000 14:11:31
This is a multi-part message in MIME format.
--------------C14A3BF42B061ADD0AD621F6
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I think I've found a bug in setusercontext(3) but I'm not 100% sure.
In debugging kdm (a xdm like login manager for KDE) I came across the
situation where setusercontext is used with LOGIN_SETALL in a process
running as root. Unfortunately it would fail (in a strange way) when
trying to set the user's PATH. The patch below would allow the call to
complete successfully. It moves the LOGIN_SETUSER part to be the last
operation.
Is this the right thing to do? I've looked at the equivalent code in
FreeBSD and there is a comment in there that would also suggest this is
correct.
Nick
--
aka skrll@netbsd.org, skrll@excite.co.uk
--------------C14A3BF42B061ADD0AD621F6
Content-Type: text/plain; charset=us-ascii;
name="login_cap.c-diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="login_cap.c-diff"
cvs server: Diffing .
Index: login_cap.c
===================================================================
RCS file: /cvsroot/basesrc/lib/libutil/login_cap.c,v
retrieving revision 1.9
diff -c -r1.9 login_cap.c
*** login_cap.c 2000/10/12 00:28:33 1.9
--- login_cap.c 2000/12/31 13:26:30
***************
*** 561,578 ****
return (-1);
}
if (flags & LOGIN_SETUSER)
if (setuid(uid) < 0) {
syslog(LOG_ERR, "setuid(%d): %m", uid);
login_close(flc);
return (-1);
}
-
- if (flags & LOGIN_SETENV)
- setuserenv(lc);
-
- if (flags & LOGIN_SETPATH)
- setuserpath(lc, pwd ? pwd->pw_dir : "");
login_close(flc);
return (0);
--- 561,578 ----
return (-1);
}
+ if (flags & LOGIN_SETENV)
+ setuserenv(lc);
+
+ if (flags & LOGIN_SETPATH)
+ setuserpath(lc, pwd ? pwd->pw_dir : "");
+
if (flags & LOGIN_SETUSER)
if (setuid(uid) < 0) {
syslog(LOG_ERR, "setuid(%d): %m", uid);
login_close(flc);
return (-1);
}
login_close(flc);
return (0);
--------------C14A3BF42B061ADD0AD621F6--