Annotation of src/usr.bin/ssh/uidswap.c, Revision 1.1
1.1 ! deraadt 1: /*
! 2:
! 3: uidswap.c
! 4:
! 5: Author: Tatu Ylonen <ylo@cs.hut.fi>
! 6:
! 7: Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
! 8: All rights reserved
! 9:
! 10: Created: Sat Sep 9 01:56:14 1995 ylo
! 11:
! 12: Code for uid-swapping.
! 13:
! 14: */
! 15:
! 16: #include "includes.h"
! 17: RCSID("$Id: uidswap.c,v 1.2 1999/05/04 11:59:27 bg Exp $");
! 18:
! 19: #include "ssh.h"
! 20: #include "uidswap.h"
! 21:
! 22: /* Note: all these functions must work in all of the following cases:
! 23:
! 24: 1. euid=0, ruid=0
! 25: 2. euid=0, ruid!=0
! 26: 3. euid!=0, ruid!=0
! 27:
! 28: Additionally, they must work regardless of whether the system has
! 29: POSIX saved uids or not. */
! 30:
! 31: #ifdef HAVE_SETEUID
! 32:
! 33: #ifdef _POSIX_SAVED_IDS
! 34: /* Lets assume that posix saved ids also work with seteuid, even though that
! 35: is not part of the posix specification. */
! 36: #define SAVED_IDS_WORK_WITH_SETEUID
! 37: #endif /* _POSIX_SAVED_IDS */
! 38:
! 39: /* Saved effective uid. */
! 40: static uid_t saved_euid = 0;
! 41:
! 42: /* Temporarily changes to the given uid. If the effective user id is not
! 43: root, this does nothing. This call cannot be nested. */
! 44:
! 45: void temporarily_use_uid(uid_t uid)
! 46: {
! 47: #ifdef SAVED_IDS_WORK_WITH_SETEUID
! 48:
! 49: /* Save the current euid. */
! 50: saved_euid = geteuid();
! 51:
! 52: /* Set the effective uid to the given (unprivileged) uid. */
! 53: if (seteuid(uid) == -1)
! 54: debug("seteuid %d: %.100s", (int)uid, strerror(errno));
! 55:
! 56: #else /* SAVED_IDS_WORK_WITH_SETUID */
! 57:
! 58: /* Propagate the privileged uid to all of our uids. */
! 59: if (setuid(geteuid()) < 0)
! 60: debug("setuid %d: %.100s", (int)geteuid(), strerror(errno));
! 61:
! 62: /* Set the effective uid to the given (unprivileged) uid. */
! 63: if (seteuid(uid) == -1)
! 64: debug("seteuid %d: %.100s", (int)uid, strerror(errno));
! 65:
! 66: #endif /* SAVED_IDS_WORK_WITH_SETEUID */
! 67:
! 68: }
! 69:
! 70: /* Restores to the original uid. */
! 71:
! 72: void restore_uid()
! 73: {
! 74: #ifdef SAVED_IDS_WORK_WITH_SETEUID
! 75:
! 76: /* Set the effective uid back to the saved uid. */
! 77: if (seteuid(saved_euid) < 0)
! 78: debug("seteuid %d: %.100s", (int)saved_euid, strerror(errno));
! 79:
! 80: #else /* SAVED_IDS_WORK_WITH_SETEUID */
! 81:
! 82: /* We are unable to restore the real uid to its unprivileged value. */
! 83: /* Propagate the real uid (usually more privileged) to effective uid
! 84: as well. */
! 85: setuid(getuid());
! 86:
! 87: #endif /* SAVED_IDS_WORK_WITH_SETEUID */
! 88: }
! 89:
! 90: /* Permanently sets all uids to the given uid. This cannot be called while
! 91: temporarily_use_uid is effective. */
! 92:
! 93: void permanently_set_uid(uid_t uid)
! 94: {
! 95: if (setuid(uid) < 0)
! 96: debug("setuid %d: %.100s", (int)uid, strerror(errno));
! 97: }
! 98:
! 99: #else /* HAVE_SETEUID */
! 100:
! 101: YOUR_SYSTEM_DOES_NOT_PERMIT_UID_SWAPPING_READ_AND_EDIT_UIDSWAP_C;
! 102: /* If we ever come here, if means that your system does not support any of
! 103: the uid swapping methods we are aware of. Tough. This means that
! 104: ssh will have to read certain files as root, which causes some security
! 105: problems. Unless your are very concerned about security, you can
! 106: comment out the above line. The effect is that local users on your
! 107: machine might be able to read each other's files. Also, you may encounter
! 108: problems if home directories are on a NFS volume. You may also
! 109: encounter other problems; please don't complain unless you have some idea
! 110: how to fix it. */
! 111:
! 112: void temporarily_use_uid(uid_t uid)
! 113: {
! 114: }
! 115:
! 116: void restore_uid()
! 117: {
! 118: }
! 119:
! 120: void permanently_set_uid(uid_t uid)
! 121: {
! 122: if (setuid(uid) < 0)
! 123: debug("setuid %d: %.100s", (int)uid, strerror(errno));
! 124: }
! 125:
! 126: #endif /* HAVE_SETEUID */