diff -urN portmap_4/daemon.c portmap_4.new/daemon.c
--- portmap_4/daemon.c Thu Aug 3 18:07:22 2000
+++ portmap_4.new/daemon.c Fri Aug 4 08:45:25 2000
@@ -35,6 +35,7 @@
 static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90";
 #endif /* LIBC_SCCS and not lint */
+#include <stdlib.h>
 #include <sys/types.h>
 #include <fcntl.h>
 #include <unistd.h>
diff -urN portmap_4/pmap_check.c portmap_4.new/pmap_check.c
--- portmap_4/pmap_check.c Thu Aug 3 18:07:22 2000
+++ portmap_4.new/pmap_check.c Thu Aug 3 18:29:51 2000
@@ -40,6 +40,8 @@
 #include <rpc/pmap_prot.h>
 #include <syslog.h>
 #include <netdb.h>
+#include <pwd.h>
+#include <sys/types.h>
 #include <sys/signal.h>
 #ifdef SYSV40
 #include <netinet/in.h>
@@ -149,11 +151,32 @@
 /*
 * Give up root privileges so that we can never allocate a privileged
 * port when forwarding an rpc request.
+ *
+ * Fix 8/3/00 Philipp Knirsch: First lookup our rpc user. If we find it,
+ * switch to that uid, otherwise simply resue the old bin user and print
+ * out a warning in syslog.
 */
- if (setuid(1) == -1) {
- syslog(LOG_ERR, "setuid(1) failed: %m");
- exit(1);
+
+ struct passwd *pwent;
+
+ pwent = getpwnam("rpc");
+ if (pwent == NULL) {
+ syslog(LOG_WARNING, "user rpc not found, reverting to user bin");
+ if (setuid(1) == -1) {
+ syslog(LOG_ERR, "setuid(1) failed: %m");
+ exit(1);
+ }
 }
+ else {
+ if (setuid(pwent->pw_uid) == -1) {
+ syslog(LOG_WARNING, "setuid() to rpc user failed: %m");
+ if (setuid(1) == -1) {
+ syslog(LOG_ERR, "setuid(1) failed: %m");
+ exit(1);
+ }
+ }
+ }
+
 (void) signal(SIGINT, toggle_verboselog);
 }
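Review bot: The privilege drop in the pmap_check.c hunk changes only the uid: after `setuid(pwent->pw_uid)` the daemon still holds the gid and supplementary groups it started with, even though `pwent->pw_gid` is already available from the lookup. Groups have to be dropped before the uid, because once the uid is no longer 0 the group calls will fail; the two `setuid(1)` fallback branches have the same gap. It would also be worth refusing an `rpc` entry whose `pw_uid` is 0, since `setuid(0)` succeeds and leaves the process fully privileged while the code believes it has dropped root. The enclosing function starts outside the hunk, and `setgroups()` needs its declaring header (`<grp.h>` on glibc) next to the `<pwd.h>` include added above.

```c
pwent = getpwnam("rpc");
/* … unchanged: pwent == NULL warning and fallback to setuid(1) … */
else {
    /* Drop groups first; after setuid() these calls would no longer be permitted. */
    if (setgroups(0, NULL) == -1 || setgid(pwent->pw_gid) == -1) {
        syslog(LOG_ERR, "dropping group privileges failed: %m");
        exit(1);
    }
    if (setuid(pwent->pw_uid) == -1) {
        /* … unchanged: warning and fallback to setuid(1) … */
    }
}
```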