version 1.6, 2000/04/14 10:30:34 |
version 1.6.2.2, 2000/11/08 21:31:36 |
|
|
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* All rights reserved |
* All rights reserved |
* Created: Sat Sep 9 01:56:14 1995 ylo |
|
* Code for uid-swapping. |
* Code for uid-swapping. |
|
* |
|
* As far as I am concerned, the code I have written for this software |
|
* can be used freely for any purpose. Any derived versions of this |
|
* software must be clearly marked as such, and if the derived work is |
|
* incompatible with the protocol description in the RFC file, it must be |
|
* called by a name other than "ssh" or "Secure Shell". |
*/ |
*/ |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$Id$"); |
RCSID("$OpenBSD$"); |
|
|
#include "ssh.h" |
#include "ssh.h" |
#include "uidswap.h" |
#include "uidswap.h" |
|
|
|
|
/* Set the effective uid to the given (unprivileged) uid. */ |
/* Set the effective uid to the given (unprivileged) uid. */ |
if (seteuid(uid) == -1) |
if (seteuid(uid) == -1) |
debug("seteuid %d: %.100s", (int) uid, strerror(errno)); |
debug("seteuid %u: %.100s", (u_int) uid, strerror(errno)); |
#else /* SAVED_IDS_WORK_WITH_SETUID */ |
#else /* SAVED_IDS_WORK_WITH_SETUID */ |
/* Propagate the privileged uid to all of our uids. */ |
/* Propagate the privileged uid to all of our uids. */ |
if (setuid(geteuid()) < 0) |
if (setuid(geteuid()) < 0) |
debug("setuid %d: %.100s", (int) geteuid(), strerror(errno)); |
debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); |
|
|
/* Set the effective uid to the given (unprivileged) uid. */ |
/* Set the effective uid to the given (unprivileged) uid. */ |
if (seteuid(uid) == -1) |
if (seteuid(uid) == -1) |
debug("seteuid %d: %.100s", (int) uid, strerror(errno)); |
debug("seteuid %u: %.100s", (u_int) uid, strerror(errno)); |
#endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
#endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
} |
} |
|
|
|
|
#ifdef SAVED_IDS_WORK_WITH_SETEUID |
#ifdef SAVED_IDS_WORK_WITH_SETEUID |
/* Set the effective uid back to the saved uid. */ |
/* Set the effective uid back to the saved uid. */ |
if (seteuid(saved_euid) < 0) |
if (seteuid(saved_euid) < 0) |
debug("seteuid %d: %.100s", (int) saved_euid, strerror(errno)); |
debug("seteuid %u: %.100s", (u_int) saved_euid, strerror(errno)); |
#else /* SAVED_IDS_WORK_WITH_SETEUID */ |
#else /* SAVED_IDS_WORK_WITH_SETEUID */ |
/* |
/* |
* We are unable to restore the real uid to its unprivileged value. |
* We are unable to restore the real uid to its unprivileged value. |
|
|
permanently_set_uid(uid_t uid) |
permanently_set_uid(uid_t uid) |
{ |
{ |
if (setuid(uid) < 0) |
if (setuid(uid) < 0) |
debug("setuid %d: %.100s", (int) uid, strerror(errno)); |
debug("setuid %u: %.100s", (u_int) uid, strerror(errno)); |
} |
} |