rpms
/
tcp_wrappers
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'epel9'
${ noResults }
tcp_wrappers/tcp_wrappers-7.6-initgroups...

63 lines
2.0 KiB
Raw Permalink Blame History

diff -up tcp_wrappers_7.6/options.c.initgroups tcp_wrappers_7.6/options.c
--- tcp_wrappers_7.6/options.c.initgroups 2011-08-11 23:10:43.610418714 +0200
+++ tcp_wrappers_7.6/options.c 2011-08-12 05:51:17.748481294 +0200
@@ -256,8 +256,12 @@ struct request_info *request;
tcpd_jump("unknown group: \"%s\"", value);
endgrent();
- if (dry_run == 0 && setgid(grp->gr_gid))
- tcpd_jump("setgid(%s): %m", value);
+ if (dry_run != 0) {
+ if (setgid(grp->gr_gid))
+ tcpd_jump("setgid(%s): %m", value);
+ if (setgroups(0, NULL))
+ tcpd_jump("setgroups(%s): %m", value);
+ }
}
/* user_option - switch user id */
@@ -271,15 +275,26 @@ struct request_info *request;
struct passwd *pwd;
struct passwd *getpwnam();
char *group;
+ int defaultgroup = 0;
if ((group = split_at(value, '.')) != 0)
group_option(group, request);
+ else
+ defaultgroup = 1;
if ((pwd = getpwnam(value)) == 0)
tcpd_jump("unknown user: \"%s\"", value);
endpwent();
- if (dry_run == 0 && setuid(pwd->pw_uid))
- tcpd_jump("setuid(%s): %m", value);
+ if (dry_run != 0) {
+ if (setuid(pwd->pw_uid))
+ tcpd_jump("setuid(%s): %m", value);
+ if (defaultgroup) {
+ if (setgid(pwd->pw_gid))
+ tcpd_jump("setgid(%s): %m", value);
+ if (initgroups(value, pwd->pw_gid))
+ tcpd_jump("initgroups(%s): %m", value);
+ }
+ }
}
/* umask_option - set file creation mask */
diff -up tcp_wrappers_7.6/safe_finger.c.initgroups tcp_wrappers_7.6/safe_finger.c
--- tcp_wrappers_7.6/safe_finger.c.initgroups 2011-08-12 05:54:06.068606291 +0200
+++ tcp_wrappers_7.6/safe_finger.c 2011-08-12 05:55:34.835483785 +0200
@@ -66,9 +66,11 @@ char **argv;
if (getuid() == 0 || geteuid() == 0) {
if ((pwd = getpwnam(UNPRIV_NAME)) && pwd->pw_uid > 0) {
setgid(pwd->pw_gid);
+ initgroups(UNPRIV_NAME, pwd->pw_gid);
setuid(pwd->pw_uid);
} else {
setgid(UNPRIV_UGID);
+ setgroups(0, NULL);
setuid(UNPRIV_UGID);
}
}
Reference in new issue View Git Blame Copy Permalink