tip doesn't always set uid's properly +FIX
Jeff Gilliam
jeff at voder.UUCP
Sat Nov 15 11:04:38 AEST 1986
Index: usr.bin/tip/acu.c 4.3BSD
Description:
1) tip can't read a protected /etc/phones file.
2) tip can't remove the lock file if dialing is aborted.
Repeat-By:
Use tip.
Fix:
RCS file: RCS/acu.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -c -r1.1 -r1.2
*** /tmp/,RCSt1007279 Fri Nov 14 16:58:24 1986
--- /tmp/,RCSt2007279 Fri Nov 14 16:58:26 1986
***************
*** 62,67 ****
--- 62,69 ----
else
(*acu->acu_abort)();
}
+ setreuid(uid, euid);
+ setregid(gid, egid);
delock(uucplock);
exit(1);
}
***************
*** 84,93 ****
--- 86,101 ----
tried++;
}
} else {
+ setreuid(uid, euid);
+ setregid(gid, egid);
if ((fd = fopen(PH, "r")) == NOFILE) {
printf("%s: ", PH);
+ setregid(egid, gid);
+ setreuid(euid, uid);
return ("can't open phone number file");
}
+ setregid(egid, gid);
+ setreuid(euid, uid);
while (fgets(string, sizeof(string), fd) != NOSTR) {
for (cp = string; !any(*cp, " \t\n"); cp++)
;
--
Jeff Gilliam {ucbvax,pyramid,nsc}!voder!jeff
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list