diff options
| author | Andreas Schneider <asn@samba.org> | 2011-10-07 18:58:58 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@samba.org> | 2011-10-27 13:32:01 +0200 |
| commit | e925ea8d0c490de87b6c987ae03862eeaba65541 (patch) | |
| tree | 397d9c800d84b19000d05b66a80103fba46180a9 | |
| parent | 4c747183e768d5f5a30aaad5d44d1d0bd0aa67d0 (diff) | |
| download | samba-e925ea8d0c490de87b6c987ae03862eeaba65541.tar.gz samba-e925ea8d0c490de87b6c987ae03862eeaba65541.tar.bz2 samba-e925ea8d0c490de87b6c987ae03862eeaba65541.zip | |
uid_wrapper: Handle euid and egid 0.
| -rw-r--r-- | lib/uid_wrapper/uid_wrapper.c | 36 |
1 files changed, 29 insertions, 7 deletions
diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c index aaa21fcb22..6c7fc6effa 100644 --- a/lib/uid_wrapper/uid_wrapper.c +++ b/lib/uid_wrapper/uid_wrapper.c @@ -38,7 +38,9 @@ static struct { bool initialised; bool enabled; + uid_t myuid; uid_t euid; + uid_t mygid; gid_t egid; gid_t *groups; } uwrap; @@ -50,8 +52,8 @@ static void uwrap_init(void) if (getenv("UID_WRAPPER")) { uwrap.enabled = true; /* put us in one group */ - uwrap.euid = geteuid(); - uwrap.egid = getegid(); + uwrap.myuid = uwrap.euid = geteuid(); + uwrap.mygid = uwrap.egid = getegid(); uwrap.groups = talloc_array(NULL, gid_t, 1); uwrap.groups[0] = 0; } @@ -71,7 +73,11 @@ _PUBLIC_ int uwrap_seteuid(uid_t euid) return seteuid(euid); } /* assume for now that the ruid stays as root */ - uwrap.euid = euid; + if (euid == 0) { + uwrap.euid = uwrap.myuid; + } else { + uwrap.euid = euid; + } return 0; } @@ -82,7 +88,11 @@ _PUBLIC_ int uwrap_setreuid(uid_t ruid, uid_t euid) return setreuid(ruid, euid); } /* assume for now that the ruid stays as root */ - uwrap.euid = euid; + if (euid == 0) { + uwrap.euid = uwrap.myuid; + } else { + uwrap.euid = euid; + } return 0; } @@ -93,7 +103,11 @@ _PUBLIC_ int uwrap_setresuid(uid_t ruid, uid_t euid, uid_t suid) return setresuid(ruid, euid, suid); } /* assume for now that the ruid stays as root */ - uwrap.euid = euid; + if (euid == 0) { + uwrap.euid = uwrap.myuid; + } else { + uwrap.euid = euid; + } return 0; } @@ -113,7 +127,11 @@ _PUBLIC_ int uwrap_setegid(gid_t egid) return setegid(egid); } /* assume for now that the ruid stays as root */ - uwrap.egid = egid; + if (egid == 0) { + uwrap.egid = uwrap.mygid; + } else { + uwrap.egid = egid; + } return 0; } @@ -124,7 +142,11 @@ _PUBLIC_ int uwrap_setregid(gid_t rgid, gid_t egid) return setregid(rgid, egid); } /* assume for now that the ruid stays as root */ - uwrap.egid = egid; + if (egid == 0) { + uwrap.egid = uwrap.mygid; + } else { + uwrap.egid = egid; + } return 0; } |