1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
diff -urN portmap_4/daemon.c portmap_4.new/daemon.c
--- portmap_4/daemon.c Thu Aug 3 18:07:22 2000
+++ portmap_4.new/daemon.c Fri Aug 4 08:45:25 2000
@@ -35,6 +35,7 @@
static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90";
#endif /* LIBC_SCCS and not lint */
+#include <stdlib.h>
#include <sys/types.h>
#include <fcntl.h>
#include <unistd.h>
diff -urN portmap_4/pmap_check.c portmap_4.new/pmap_check.c
--- portmap_4/pmap_check.c Thu Aug 3 18:07:22 2000
+++ portmap_4.new/pmap_check.c Thu Aug 3 18:29:51 2000
@@ -40,6 +40,8 @@
#include <rpc/pmap_prot.h>
#include <syslog.h>
#include <netdb.h>
+#include <pwd.h>
+#include <sys/types.h>
#include <sys/signal.h>
#ifdef SYSV40
#include <netinet/in.h>
@@ -149,11 +151,32 @@
/*
* Give up root privileges so that we can never allocate a privileged
* port when forwarding an rpc request.
+ *
+ * Fix 8/3/00 Philipp Knirsch: First lookup our rpc user. If we find it,
+ * switch to that uid, otherwise simply resue the old bin user and print
+ * out a warning in syslog.
*/
- if (setuid(1) == -1) {
- syslog(LOG_ERR, "setuid(1) failed: %m");
- exit(1);
+
+ struct passwd *pwent;
+
+ pwent = getpwnam("rpc");
+ if (pwent == NULL) {
+ syslog(LOG_WARNING, "user rpc not found, reverting to user bin");
+ if (setuid(1) == -1) {
+ syslog(LOG_ERR, "setuid(1) failed: %m");
+ exit(1);
+ }
}
+ else {
+ if (setuid(pwent->pw_uid) == -1) {
+ syslog(LOG_WARNING, "setuid() to rpc user failed: %m");
+ if (setuid(1) == -1) {
+ syslog(LOG_ERR, "setuid(1) failed: %m");
+ exit(1);
+ }
+ }
+ }
+
(void) signal(SIGINT, toggle_verboselog);
}
|
