===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/su/su.c,v
retrieving revision 1.34
retrieving revision 1.35
diff -c -r1.34 -r1.35
*** src/usr.bin/su/su.c	2000/09/15 07:13:50	1.34
--- src/usr.bin/su/su.c	2000/12/02 22:44:49	1.35
***************
*** 1,4 ****
! /*	$OpenBSD: su.c,v 1.34 2000/09/15 07:13:50 deraadt Exp $	*/
  
  /*
   * Copyright (c) 1988 The Regents of the University of California.
--- 1,4 ----
! /*	$OpenBSD: su.c,v 1.35 2000/12/02 22:44:49 hin Exp $	*/
  
  /*
   * Copyright (c) 1988 The Regents of the University of California.
***************
*** 41,47 ****
  
  #ifndef lint
  /*static char sccsid[] = "from: @(#)su.c	5.26 (Berkeley) 7/6/91";*/
! static char rcsid[] = "$OpenBSD: su.c,v 1.34 2000/09/15 07:13:50 deraadt Exp $";
  #endif /* not lint */
  
  #include <sys/param.h>
--- 41,47 ----
  
  #ifndef lint
  /*static char sccsid[] = "from: @(#)su.c	5.26 (Berkeley) 7/6/91";*/
! static char rcsid[] = "$OpenBSD: su.c,v 1.35 2000/12/02 22:44:49 hin Exp $";
  #endif /* not lint */
  
  #include <sys/param.h>
***************
*** 59,64 ****
--- 59,65 ----
  #include <string.h>
  #include <syslog.h>
  #include <unistd.h>
+ #include <fcntl.h>
  
  #ifdef  SKEY
  #include <skey.h>                                                       
***************
*** 358,368 ****
  	KTEXT_ST ticket;
  	AUTH_DAT authdata;
  	struct hostent *hp;
! 	int kerno;
  	in_addr_t faddr;
  	char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
  	char *ontty(), *krb_get_phost();
  
  	if (koktologin(username, lrealm, user) && !uid) {
  		(void)fprintf(stderr, "kerberos su: not in %s's ACL.\n", user);
  		return (1);
--- 359,374 ----
  	KTEXT_ST ticket;
  	AUTH_DAT authdata;
  	struct hostent *hp;
! 	int kerno, fd;
  	in_addr_t faddr;
  	char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
  	char *ontty(), *krb_get_phost();
  
+ 	/* Don't bother with Kerberos if there is no srvtab file */
+ 	if ((fd = open(KEYFILE, O_RDONLY, 0)) < 0)
+ 		return (1);
+ 	close(fd);
+ 
  	if (koktologin(username, lrealm, user) && !uid) {
  		(void)fprintf(stderr, "kerberos su: not in %s's ACL.\n", user);
  		return (1);
***************
*** 407,417 ****
  		return (1);
  	}
  
! 	if (chown(krbtkfile, uid, -1) < 0) {
! 		warn("chown");
  		(void)unlink(krbtkfile);
  		return (1);
  	}
  
  	(void)setpriority(PRIO_PROCESS, 0, -2);
  
--- 413,434 ----
  		return (1);
  	}
  
! 	/*
! 	 * Set the owner of the ticket file to root but bail if someone
! 	 * has nefariously swapped a link in place of the file.
! 	 */
! 	fd = open(krbtkfile, O_RDWR|O_NOFOLLOW, 0);
! 	if (fd == -1) {
! 		warn("unable to open ticket file");
  		(void)unlink(krbtkfile);
  		return (1);
  	}
+ 	if (fchown(fd, uid, -1) < 0) {
+ 		warn("fchown");
+ 		(void)unlink(krbtkfile);
+ 		return (1);
+ 	}
+ 	close(fd);
  
  	(void)setpriority(PRIO_PROCESS, 0, -2);