version 1.9, 2000/09/07 20:27:55 |
version 1.9.2.2, 2001/02/19 17:19:42 |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$OpenBSD$"); |
RCSID("$OpenBSD$"); |
|
|
#include "ssh.h" |
#include "log.h" |
#include "uidswap.h" |
#include "uidswap.h" |
|
|
/* |
/* |
|
|
/* Lets assume that posix saved ids also work with seteuid, even though that |
/* Lets assume that posix saved ids also work with seteuid, even though that |
is not part of the posix specification. */ |
is not part of the posix specification. */ |
#define SAVED_IDS_WORK_WITH_SETEUID |
#define SAVED_IDS_WORK_WITH_SETEUID |
#endif /* _POSIX_SAVED_IDS */ |
|
|
|
/* Saved effective uid. */ |
/* Saved effective uid. */ |
static uid_t saved_euid = 0; |
static uid_t saved_euid = 0; |
|
#endif /* _POSIX_SAVED_IDS */ |
|
|
/* |
/* |
* Temporarily changes to the given uid. If the effective user |
* Temporarily changes to the given uid. If the effective user |
|
|
/* Set the effective uid to the given (unprivileged) uid. */ |
/* Set the effective uid to the given (unprivileged) uid. */ |
if (seteuid(uid) == -1) |
if (seteuid(uid) == -1) |
debug("seteuid %u: %.100s", (u_int) uid, strerror(errno)); |
debug("seteuid %u: %.100s", (u_int) uid, strerror(errno)); |
#else /* SAVED_IDS_WORK_WITH_SETUID */ |
#else /* SAVED_IDS_WORK_WITH_SETEUID */ |
/* Propagate the privileged uid to all of our uids. */ |
/* Propagate the privileged uid to all of our uids. */ |
if (setuid(geteuid()) < 0) |
if (setuid(geteuid()) < 0) |
debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); |
debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); |
|
|
* Restores to the original uid. |
* Restores to the original uid. |
*/ |
*/ |
void |
void |
restore_uid() |
restore_uid(void) |
{ |
{ |
#ifdef SAVED_IDS_WORK_WITH_SETEUID |
#ifdef SAVED_IDS_WORK_WITH_SETEUID |
/* Set the effective uid back to the saved uid. */ |
/* Set the effective uid back to the saved uid. */ |