Annotation of src/usr.bin/ssh/uidswap.c, Revision 1.7
1.1 deraadt 1: /*
1.4 deraadt 2: * Author: Tatu Ylonen <ylo@cs.hut.fi>
3: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4: * All rights reserved
5: * Created: Sat Sep 9 01:56:14 1995 ylo
6: * Code for uid-swapping.
7: */
1.1 deraadt 8:
9: #include "includes.h"
1.7 ! markus 10: RCSID("$OpenBSD: uidswap.c,v 1.6 2000/04/14 10:30:34 markus Exp $");
1.1 deraadt 11:
12: #include "ssh.h"
13: #include "uidswap.h"
14:
1.4 deraadt 15: /*
16: * Note: all these functions must work in all of the following cases:
17: * 1. euid=0, ruid=0
18: * 2. euid=0, ruid!=0
19: * 3. euid!=0, ruid!=0
20: * Additionally, they must work regardless of whether the system has
21: * POSIX saved uids or not.
22: */
1.1 deraadt 23:
24: #ifdef _POSIX_SAVED_IDS
25: /* Lets assume that posix saved ids also work with seteuid, even though that
26: is not part of the posix specification. */
27: #define SAVED_IDS_WORK_WITH_SETEUID
28: #endif /* _POSIX_SAVED_IDS */
29:
30: /* Saved effective uid. */
31: static uid_t saved_euid = 0;
32:
1.4 deraadt 33: /*
34: * Temporarily changes to the given uid. If the effective user
35: * id is not root, this does nothing. This call cannot be nested.
36: */
1.6 markus 37: void
1.3 markus 38: temporarily_use_uid(uid_t uid)
1.1 deraadt 39: {
40: #ifdef SAVED_IDS_WORK_WITH_SETEUID
1.3 markus 41: /* Save the current euid. */
42: saved_euid = geteuid();
1.1 deraadt 43:
1.3 markus 44: /* Set the effective uid to the given (unprivileged) uid. */
45: if (seteuid(uid) == -1)
46: debug("seteuid %d: %.100s", (int) uid, strerror(errno));
1.1 deraadt 47: #else /* SAVED_IDS_WORK_WITH_SETUID */
1.3 markus 48: /* Propagate the privileged uid to all of our uids. */
49: if (setuid(geteuid()) < 0)
50: debug("setuid %d: %.100s", (int) geteuid(), strerror(errno));
51:
52: /* Set the effective uid to the given (unprivileged) uid. */
53: if (seteuid(uid) == -1)
54: debug("seteuid %d: %.100s", (int) uid, strerror(errno));
1.1 deraadt 55: #endif /* SAVED_IDS_WORK_WITH_SETEUID */
56: }
57:
1.4 deraadt 58: /*
59: * Restores to the original uid.
60: */
1.6 markus 61: void
1.3 markus 62: restore_uid()
1.1 deraadt 63: {
64: #ifdef SAVED_IDS_WORK_WITH_SETEUID
1.3 markus 65: /* Set the effective uid back to the saved uid. */
66: if (seteuid(saved_euid) < 0)
67: debug("seteuid %d: %.100s", (int) saved_euid, strerror(errno));
1.1 deraadt 68: #else /* SAVED_IDS_WORK_WITH_SETEUID */
1.5 markus 69: /*
70: * We are unable to restore the real uid to its unprivileged value.
71: * Propagate the real uid (usually more privileged) to effective uid
72: * as well.
73: */
1.3 markus 74: setuid(getuid());
1.1 deraadt 75: #endif /* SAVED_IDS_WORK_WITH_SETEUID */
76: }
77:
1.4 deraadt 78: /*
79: * Permanently sets all uids to the given uid. This cannot be
80: * called while temporarily_use_uid is effective.
81: */
1.6 markus 82: void
1.3 markus 83: permanently_set_uid(uid_t uid)
1.1 deraadt 84: {
1.3 markus 85: if (setuid(uid) < 0)
86: debug("setuid %d: %.100s", (int) uid, strerror(errno));
1.1 deraadt 87: }