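--- a/head/usr.bin/at/privs.h
+++ b/head/usr.bin/at/privs.h
@@ -1,8 +1,8 @@
 /*
  * privs.h - header for privileged operations
  * Copyright (C) 1993 Thomas Koenig
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
@@ -17,17 +17,17 @@
  * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $FreeBSD: head/usr.bin/at/privs.h 241737 2012-10-19 14:49:42Z ed $
+ * $FreeBSD: head/usr.bin/at/privs.h 241852 2012-10-22 03:31:22Z eadler $
  */
 
 #ifndef _PRIVS_H
 #define _PRIVS_H
 
 #include <unistd.h>
 
 /* Relinquish privileges temporarily for a setuid or setgid program
@@ -67,40 +67,40 @@
 gid_t real_gid, effective_gid;
 #endif
 
 #define RELINQUISH_PRIVS { \
  real_uid = getuid(); \
  effective_uid = geteuid(); \
  real_gid = getgid(); \
  effective_gid = getegid(); \
- seteuid(real_uid); \
- setegid(real_gid); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
 }
 
 #define RELINQUISH_PRIVS_ROOT(a, b) { \
  real_uid = (a); \
  effective_uid = geteuid(); \
  real_gid = (b); \
  effective_gid = getegid(); \
- setegid(real_gid); \
- seteuid(real_uid); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
 }
 
 #define PRIV_START { \
- seteuid(effective_uid); \
- setegid(effective_gid); \
+ if (seteuid(effective_uid) != 0) err(1, "seteuid failed"); \
+ if (setegid(effective_gid) != 0) err(1, "setegid failed"); \
 }
 
 #define PRIV_END { \
- setegid(real_gid); \
- seteuid(real_uid); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
 }
 
 #define REDUCE_PRIV(a, b) { \
  PRIV_START \
  effective_uid = (a); \
  effective_gid = (b); \
- setreuid((uid_t)-1, effective_uid); \
- setregid((gid_t)-1, effective_gid); \
+ if (setreuid((uid_t)-1, effective_uid) != 0) err(1, "setreuid failed"); \
+ if (setregid((gid_t)-1, effective_gid) != 0) err(1, "setregid failed"); \
  PRIV_END \
 }
 #endif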
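Review bot: In `REDUCE_PRIV` the effective uid is still changed before the effective gid (`setreuid` on line 102, then `setregid` on line 103), and now that both results are checked, a refused `setregid` ends the program through `err(1, ...)` instead of being silently ignored. Once the effective uid is no longer 0, changing the effective gid to a value that is not the real or saved gid is normally refused, so the group should be switched first: `if (setregid((gid_t)-1, effective_gid) != 0) err(1, "setregid failed");` followed by the `setreuid` line, matching the gid-then-uid order that `PRIV_END` and `RELINQUISH_PRIVS_ROOT` already use. Whether this triggers depends on the ids callers pass, which are not visible here. Separately, the macros now call `err()` while the only include shown is `<unistd.h>`; unless the hidden lines 34-66 add it, `#include <err.h>` belongs in this header so every includer gets the declaration.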