summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2003-10-23 16:51:08 +0000
committerVolker Lendecke <vlendec@samba.org>2003-10-23 16:51:08 +0000
commita36be30e082d0208ca8b6215928069e9f3d4f7b0 (patch)
tree43286adde3bf768f8fa4f0e096a21322f18d5e17
parent2a09fe6cb4e31e46dd92052bbc134629b4ae8fda (diff)
downloadsamba-a36be30e082d0208ca8b6215928069e9f3d4f7b0.tar.gz
samba-a36be30e082d0208ca8b6215928069e9f3d4f7b0.tar.bz2
samba-a36be30e082d0208ca8b6215928069e9f3d4f7b0.zip
Merge from 3_0:
After a phonecall with jra finally commit this. This changes our behaviour when the setresuid call is available. We now not only change the effective uid but also the real uid when becoming unprivileged. This is mainly for improved AFS compatibility, as AFS selects the token to send to the server based on the real uid of the process. I tested this with a W2k server with two non-root 'runas' sessions. They come in via a single smbd as two different users using two session setups. Samba on Linux can still switch between the two uids, proved by two different files created via those sessions. Volker (This used to be commit 8a75e2dfb6ee9099e7f9a970c522e71ab144d919)
-rw-r--r--source3/lib/afs.c10
-rw-r--r--source3/lib/util_sec.c7
2 files changed, 5 insertions, 12 deletions
diff --git a/source3/lib/afs.c b/source3/lib/afs.c
index 882442a79f..fc78950f39 100644
--- a/source3/lib/afs.c
+++ b/source3/lib/afs.c
@@ -185,13 +185,9 @@ BOOL afs_login(connection_struct *conn)
strncpy(p, cell, sizeof(ticket)-PTR_DIFF(p,ticket)-1);
p += strlen(p)+1;
- /* As long as we still only use the effective UID we need to set the
- * token for it here as well. This involves patching AFS in two
- * places. Once we start using the real uid where we have the
- * setresuid function, we can use getuid() here which would be more
- * correct. */
-
- ct.ViceId = geteuid();
+ /* This assumes that we have setresuid and set the real uid as well as
+ the effective uid in set_effective_uid(). */
+ ct.ViceId = getuid();
DEBUG(10, ("Creating Token for uid %d\n", ct.ViceId));
/* Alice's network layer address. At least Openafs-1.2.10
diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c
index 1980b8bfb7..7c2576ed91 100644
--- a/source3/lib/util_sec.c
+++ b/source3/lib/util_sec.c
@@ -183,11 +183,8 @@ void gain_root_group_privilege(void)
void set_effective_uid(uid_t uid)
{
#if USE_SETRESUID
- /* On Systems which have this function, would it not be more
- * appropriate to also set the real uid by doing
- * setresuid(uid,uid,-1)? This would make patching AFS
- * unnecessary. See comment in lib/afs.c. */
- setresuid(-1,uid,-1);
+ /* Set the effective as well as the real uid. */
+ setresuid(uid,uid,-1);
#endif
#if USE_SETREUID