[packages/X11.git] / x11r6.9.0-setuid.diff

--- xc/programs/Xserver/hw/xfree86/common/xf86Init.c	14 Dec 2005 20:12:00 -0000	1.29
+++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c	5 Jun 2006 10:35:19 -0000
@@ -1905,7 +1905,11 @@
           FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
           break;
       case 0:  /* child */
-          setuid(getuid());
+	  if (setuid(getuid()) == -1) {
+	      xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
+			 strerror(errno));
+	      exit(255);
+	  }
           /* set stdin, stdout to the consoleFd */
           for (i = 0; i < 2; i++) {
             if (xf86Info.consoleFd != i) {
--- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c	3 Jul 2005 08:53:48 -0000	1.9
+++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c	5 Jun 2006 10:35:19 -0000
@@ -1270,7 +1270,10 @@
 #ifndef SELF_CONTAINED_WRAPPER
 	xf86DisableIO();
 #endif
-        setuid(getuid());
+        if (setuid(getuid()) == -1) {
+		ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
+		exit(255);
+	}
 #if !defined(SELF_CONTAINED_WRAPPER)
         /* set stdin, stdout to the consoleFD, and leave stderr alone */
         for (i = 0; i < 2; i++)
--- xc/programs/Xserver/hw/xfree86/parser/write.c	3 Jul 2005 07:01:37 -0000	1.3
+++ xc/programs/Xserver/hw/xfree86/parser/write.c	5 Jun 2006 10:35:19 -0000
@@ -170,7 +170,10 @@
 					strerror(errno));
 			return 0;
 		case 0: /* child */
-			setuid(getuid());
+			if (setuid(getuid() == -1) 
+			    FatalError("xf86writeConfigFile(): "
+				"setuid failed(%s)\n", 
+				strerror(errno));
 			ret = doWriteConfigFile(filename, cptr);
 			exit(ret);
 			break;
--- xc/programs/Xserver/os/utils.c	8 Nov 2005 06:33:30 -0000	1.21
+++ xc/programs/Xserver/os/utils.c	5 Jun 2006 10:35:20 -0000
@@ -1718,8 +1718,10 @@
     case -1:	/* error */
 	p = -1;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
 	_exit(127);
     default:	/* parent */
@@ -1770,8 +1772,10 @@
 	xfree(cur);
 	return NULL;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	if (*type == 'r') {
 	    if (pdes[1] != 1) {
 		/* stdout */
@@ -1845,8 +1849,10 @@
 	xfree(cur);
 	return NULL;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	if (*type == 'r') {
 	    if (pdes[1] != 1) {
 		/* stdout */
--- xc/programs/xdm/session.c	8 Nov 2005 06:33:31 -0000	1.3
+++ xc/programs/xdm/session.c	5 Jun 2006 10:35:21 -0000
@@ -488,8 +488,14 @@
     else
 	ResetServer (d);
     if (removeAuth) {
-	setgid (verify.gid);
-	setuid (verify.uid);
+	if (setgid (verify.gid) == -1) {
+	    LogError( "SessionExit: setgid: %s\n", strerror(errno));
+	    exit(status);
+	}
+	if (setuid (verify.uid) == -1) {
+	    LogError( "SessionExit: setuid: %s\n", strerror(errno));
+	    exit(status);
+	}
 	RemoveUserAuthorization (d, &verify);
 #ifdef K5AUTH
 	/* do like "kdestroy" program */
--- xc/programs/xdm/xdmshell.c	14 Jul 2005 22:58:25 -0000	1.3
+++ xc/programs/xdm/xdmshell.c	5 Jun 2006 10:35:21 -0000
@@ -183,7 +183,11 @@
 #endif
 
     /* make xdm run in a non-setuid environment */
-    setuid (geteuid());
+    if (setuid (geteuid()) == -1) {
+	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
+		ProgramName, errno, strerror(errno));
+	exit(1);
+    }
 
     /*
      * exec /usr/bin/X11/xdm -nodaemon -udpPort 0
--- xc/programs/xf86dga/dga.c	23 Apr 2004 19:54:47 -0000	1.2
+++ xc/programs/xf86dga/dga.c	5 Jun 2006 10:35:21 -0000
@@ -16,6 +16,7 @@
 #include <X11/Xmd.h>
 #include <X11/extensions/xf86dga.h>
 #include <ctype.h>
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <signal.h>
@@ -141,7 +142,10 @@
 
 #ifndef __UNIXOS2__
    /* Give up root privs */
-   setuid(getuid());
+   if (setuid(getuid()) == -1) {
+      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
+      exit(2);
+   }
 #endif
 
    XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
--- xc/programs/xinit/xinit.c	4 Oct 2005 01:27:34 -0000	1.4
+++ xc/programs/xinit/xinit.c	5 Jun 2006 10:35:21 -0000
@@ -692,7 +692,10 @@
 startClient(char *client[])
 {
 	if ((clientpid = vfork()) == 0) {
-		setuid(getuid());
+		if (setuid(getuid()) == -1) {
+			Error("cannot change uid: %s\n", strerror(errno));
+			_exit(ERR_EXIT);
+		}
 		setpgrp(0, getpid());
 		environ = newenviron;
 #ifdef __UNIXOS2__
--- xc/programs/xload/xload.c	23 Apr 2004 19:54:57 -0000	1.2
+++ xc/programs/xload/xload.c	5 Jun 2006 10:35:21 -0000
@@ -34,7 +34,7 @@
  * xload - display system load average in a window
  */
 
-
+#include <errno.h>
 #include <stdio.h> 
 #include <stdlib.h>
 #include <unistd.h>
@@ -162,8 +162,17 @@
     /* For security reasons, we reset our uid/gid after doing the necessary
        system initialization and before calling any X routines. */
     InitLoadPoint();
-    setgid(getgid());		/* reset gid first while still (maybe) root */
-    setuid(getuid());
+    /* reset gid first while still (maybe) root */
+    if (setgid(getgid()) == -1) {
+	    fprintf(stderr, "%s: setgid failed: %s\n", 
+		ProgramName, strerror(errno));
+	    exit(1);
+    }
+    if (setuid(getuid()) == -1) {
+	    fprintf(stderr, "%s: setuid failed: %s\n", 
+		ProgramName, strerror(errno));
+	    exit(1);
+    }
 
     XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
 
--- xc/programs/xterm/main.c	14 Dec 2005 23:28:27 -0000	1.8
+++ xc/programs/xterm/main.c	5 Jun 2006 10:35:22 -0000
@@ -1592,8 +1592,10 @@
     Window winToEmbedInto = None;
 
 #ifdef DISABLE_SETUID
-    seteuid(getuid());
-    setuid(getuid());
+    if (seteuid(getuid()) == -1)
+	    exit(2);
+    if (setuid(getuid()) == -1)
+	    exit(2);
 #endif
 
     ProgramName = argv[0];
@@ -1619,8 +1621,16 @@
 
 #if defined(USE_UTMP_SETGID)
     get_pty(NULL, NULL);
-    seteuid(getuid());
-    setuid(getuid());
+    if (seteuid(getuid()) == -1) {
+           fprintf(stderr,
+               "%s: unable to change back euid\n", ProgramName);
+           exit(1);
+    }
+    if (setuid(getuid()) == -1) {
+           fprintf(stderr,
+               "%s: unable to change back uid\n", ProgramName);
+           exit(1);
+    }
 #define get_pty(pty, from) really_get_pty(pty, from)
 #endif
 
--- xc/programs/xterm/misc.c	14 Dec 2005 23:28:27 -0000	1.6
+++ xc/programs/xterm/misc.c	5 Jun 2006 10:35:22 -0000
@@ -1094,8 +1094,10 @@
     pid = fork();
     switch (pid) {
     case 0:			/* child */
-	setgid(gid);
-	setuid(uid);
+	if (setgid(gid) == -1)
+	    _exit(ERROR_SETUID);
+	if (setuid(uid) == -1) 
+	    _exit(ERROR_SETUID);
 	fd = open(pathname,
 		  O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL),
 		  mode);
@@ -1262,8 +1264,10 @@
 	    signal(SIGCHLD, SIG_DFL);
 
 	    /* (this is redundant) */
-	    setgid(screen->gid);
-	    setuid(screen->uid);
+	    if (setgid(screen->gid) == -1)
+		exit(ERROR_SETUID);
+	    if (setuid(screen->uid) == -1)
+		exit(ERROR_SETUID);
 
 	    execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);
 
--- xc/programs/xterm/print.c	5 Aug 2005 16:13:04 -0000	1.5
+++ xc/programs/xterm/print.c	5 Jun 2006 10:35:22 -0000
@@ -387,9 +387,11 @@
 		dup2(fileno(stderr), 2);
 		close(fileno(stderr));
 	    }
-
-	    setgid(screen->gid);	/* don't want privileges! */
-	    setuid(screen->uid);
+	    /* don't want privileges! */
+	    if (setgid(screen->gid) == -1)
+		    exit(2);
+	    if (setuid(screen->uid) == -1)
+		    exit(2);
 
 	    Printer = popen(screen->printer_command, "w");
 	    input = fdopen(my_pipe[0], "r");
Commit	Line	Data
2d07cbe4 ER	1	--- xc/programs/Xserver/hw/xfree86/common/xf86Init.c 14 Dec 2005 20:12:00 -0000 1.29
2d07cbe4 ER	2	+++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c 5 Jun 2006 10:35:19 -0000
2d07cbe4 ER	3	@@ -1905,7 +1905,11 @@
	4	FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
	5	break;
	6	case 0: /* child */
	7	- setuid(getuid());
	8	+ if (setuid(getuid()) == -1) {
	9	+ xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
	10	+ strerror(errno));
	11	+ exit(255);
	12	+ }
	13	/* set stdin, stdout to the consoleFd */
	14	for (i = 0; i < 2; i++) {
	15	if (xf86Info.consoleFd != i) {
	16	--- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 3 Jul 2005 08:53:48 -0000 1.9
	17	+++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 5 Jun 2006 10:35:19 -0000
	18	@@ -1270,7 +1270,10 @@
	19	#ifndef SELF_CONTAINED_WRAPPER
	20	xf86DisableIO();
	21	#endif
	22	- setuid(getuid());
	23	+ if (setuid(getuid()) == -1) {
	24	+ ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
	25	+ exit(255);
	26	+ }
	27	#if !defined(SELF_CONTAINED_WRAPPER)
	28	/* set stdin, stdout to the consoleFD, and leave stderr alone */
	29	for (i = 0; i < 2; i++)
	30	--- xc/programs/Xserver/hw/xfree86/parser/write.c 3 Jul 2005 07:01:37 -0000 1.3
	31	+++ xc/programs/Xserver/hw/xfree86/parser/write.c 5 Jun 2006 10:35:19 -0000
	32	@@ -170,7 +170,10 @@
	33	strerror(errno));
	34	return 0;
	35	case 0: /* child */
	36	- setuid(getuid());
	37	+ if (setuid(getuid() == -1)
	38	+ FatalError("xf86writeConfigFile(): "
	39	+ "setuid failed(%s)\n",
	40	+ strerror(errno));
	41	ret = doWriteConfigFile(filename, cptr);
	42	exit(ret);
	43	break;
	44	--- xc/programs/Xserver/os/utils.c 8 Nov 2005 06:33:30 -0000 1.21
	45	+++ xc/programs/Xserver/os/utils.c 5 Jun 2006 10:35:20 -0000
2d07cbe4 ER	46	@@ -1718,8 +1718,10 @@
	47	case -1: /* error */
	48	p = -1;
	49	case 0: /* child */
	50	- setgid(getgid());
	51	- setuid(getuid());
	52	+ if (setgid(getgid()) == -1)
	53	+ _exit(127);
	54	+ if (setuid(getuid()) == -1)
	55	+ _exit(127);
	56	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
	57	_exit(127);
	58	default: /* parent */
	59	@@ -1770,8 +1772,10 @@
	60	xfree(cur);
	61	return NULL;
	62	case 0: /* child */
	63	- setgid(getgid());
	64	- setuid(getuid());
	65	+ if (setgid(getgid()) == -1)
	66	+ _exit(127);
	67	+ if (setuid(getuid()) == -1)
	68	+ _exit(127);
	69	if (*type == 'r') {
	70	if (pdes[1] != 1) {
	71	/* stdout */
	72	@@ -1845,8 +1849,10 @@
	73	xfree(cur);
	74	return NULL;
	75	case 0: /* child */
	76	- setgid(getgid());
	77	- setuid(getuid());
	78	+ if (setgid(getgid()) == -1)
	79	+ _exit(127);
	80	+ if (setuid(getuid()) == -1)
	81	+ _exit(127);
	82	if (*type == 'r') {
	83	if (pdes[1] != 1) {
	84	/* stdout */
	85	--- xc/programs/xdm/session.c 8 Nov 2005 06:33:31 -0000 1.3
	86	+++ xc/programs/xdm/session.c 5 Jun 2006 10:35:21 -0000
2d07cbe4 ER	87	@@ -488,8 +488,14 @@
	88	else
	89	ResetServer (d);
	90	if (removeAuth) {
	91	- setgid (verify.gid);
	92	- setuid (verify.uid);
	93	+ if (setgid (verify.gid) == -1) {
	94	+ LogError( "SessionExit: setgid: %s\n", strerror(errno));
	95	+ exit(status);
	96	+ }
	97	+ if (setuid (verify.uid) == -1) {
	98	+ LogError( "SessionExit: setuid: %s\n", strerror(errno));
	99	+ exit(status);
	100	+ }
	101	RemoveUserAuthorization (d, &verify);
	102	#ifdef K5AUTH
	103	/* do like "kdestroy" program */
	104	--- xc/programs/xdm/xdmshell.c 14 Jul 2005 22:58:25 -0000 1.3
	105	+++ xc/programs/xdm/xdmshell.c 5 Jun 2006 10:35:21 -0000
	106	@@ -183,7 +183,11 @@
	107	#endif
	108
	109	/* make xdm run in a non-setuid environment */
	110	- setuid (geteuid());
	111	+ if (setuid (geteuid()) == -1) {
	112	+ fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
	113	+ ProgramName, errno, strerror(errno));
	114	+ exit(1);
	115	+ }
	116
	117	/*
	118	* exec /usr/bin/X11/xdm -nodaemon -udpPort 0
	119	--- xc/programs/xf86dga/dga.c 23 Apr 2004 19:54:47 -0000 1.2
	120	+++ xc/programs/xf86dga/dga.c 5 Jun 2006 10:35:21 -0000
	121	@@ -16,6 +16,7 @@
	122	#include <X11/Xmd.h>
	123	#include <X11/extensions/xf86dga.h>
	124	#include <ctype.h>
	125	+#include <errno.h>
	126	#include <stdio.h>
	127	#include <stdlib.h>
	128	#include <signal.h>
	129	@@ -141,7 +142,10 @@
	130
	131	#ifndef __UNIXOS2__
	132	/* Give up root privs */
	133	- setuid(getuid());
	134	+ if (setuid(getuid()) == -1) {
	135	+ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
	136	+ exit(2);
	137	+ }
	138	#endif
	139
	140	XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
	141	--- xc/programs/xinit/xinit.c 4 Oct 2005 01:27:34 -0000 1.4
	142	+++ xc/programs/xinit/xinit.c 5 Jun 2006 10:35:21 -0000
2d07cbe4 ER	143	@@ -692,7 +692,10 @@
	144	startClient(char *client[])
	145	{
	146	if ((clientpid = vfork()) == 0) {
	147	- setuid(getuid());
	148	+ if (setuid(getuid()) == -1) {
	149	+ Error("cannot change uid: %s\n", strerror(errno));
	150	+ _exit(ERR_EXIT);
	151	+ }
	152	setpgrp(0, getpid());
	153	environ = newenviron;
	154	#ifdef __UNIXOS2__
	155	--- xc/programs/xload/xload.c 23 Apr 2004 19:54:57 -0000 1.2
	156	+++ xc/programs/xload/xload.c 5 Jun 2006 10:35:21 -0000
	157	@@ -34,7 +34,7 @@
	158	* xload - display system load average in a window
	159	*/
	160
	161	-
	162	+#include <errno.h>
	163	#include <stdio.h>
	164	#include <stdlib.h>
	165	#include <unistd.h>
	166	@@ -162,8 +162,17 @@
	167	/* For security reasons, we reset our uid/gid after doing the necessary
	168	system initialization and before calling any X routines. */
	169	InitLoadPoint();
	170	- setgid(getgid()); /* reset gid first while still (maybe) root */
	171	- setuid(getuid());
	172	+ /* reset gid first while still (maybe) root */
	173	+ if (setgid(getgid()) == -1) {
	174	+ fprintf(stderr, "%s: setgid failed: %s\n",
	175	+ ProgramName, strerror(errno));
	176	+ exit(1);
	177	+ }
	178	+ if (setuid(getuid()) == -1) {
	179	+ fprintf(stderr, "%s: setuid failed: %s\n",
	180	+ ProgramName, strerror(errno));
	181	+ exit(1);
	182	+ }
	183
	184	XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
	185
	186	--- xc/programs/xterm/main.c 14 Dec 2005 23:28:27 -0000 1.8
	187	+++ xc/programs/xterm/main.c 5 Jun 2006 10:35:22 -0000
	188	@@ -1592,8 +1592,10 @@
	189	Window winToEmbedInto = None;
	190
	191	#ifdef DISABLE_SETUID
	192	- seteuid(getuid());
	193	- setuid(getuid());
	194	+ if (seteuid(getuid()) == -1)
	195	+ exit(2);
	196	+ if (setuid(getuid()) == -1)
	197	+ exit(2);
	198	#endif
	199
	200	ProgramName = argv[0];
	201	@@ -1619,8 +1621,16 @@
	202
	203	#if defined(USE_UTMP_SETGID)
	204	get_pty(NULL, NULL);
	205	- seteuid(getuid());
	206	- setuid(getuid());
207	+ if (seteuid(getuid()) == -1) {
208	+ fprintf(stderr,
209	+ "%s: unable to change back euid\n", ProgramName);
210	+ exit(1);
211	+ }
212	+ if (setuid(getuid()) == -1) {
213	+ fprintf(stderr,
214	+ "%s: unable to change back uid\n", ProgramName);
215	+ exit(1);
216	+ }
217	#define get_pty(pty, from) really_get_pty(pty, from)
218	#endif
219
220	--- xc/programs/xterm/misc.c 14 Dec 2005 23:28:27 -0000 1.6
221	+++ xc/programs/xterm/misc.c 5 Jun 2006 10:35:22 -0000
222	@@ -1094,8 +1094,10 @@
223	pid = fork();
224	switch (pid) {
225	case 0: /* child */
226	- setgid(gid);
227	- setuid(uid);
228	+ if (setgid(gid) == -1)
229	+ _exit(ERROR_SETUID);
230	+ if (setuid(uid) == -1)
231	+ _exit(ERROR_SETUID);
232	fd = open(pathname,
233	O_WRONLY \| O_CREAT \| (append ? O_APPEND : O_EXCL),
234	mode);
235	@@ -1262,8 +1264,10 @@
236	signal(SIGCHLD, SIG_DFL);
237
238	/* (this is redundant) */
239	- setgid(screen->gid);
240	- setuid(screen->uid);
241	+ if (setgid(screen->gid) == -1)
242	+ exit(ERROR_SETUID);
243	+ if (setuid(screen->uid) == -1)
244	+ exit(ERROR_SETUID);
245
246	execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);
247
248	--- xc/programs/xterm/print.c 5 Aug 2005 16:13:04 -0000 1.5
249	+++ xc/programs/xterm/print.c 5 Jun 2006 10:35:22 -0000
250	@@ -387,9 +387,11 @@
251	dup2(fileno(stderr), 2);
252	close(fileno(stderr));
253	}
254	-
255	- setgid(screen->gid); /* don't want privileges! */
256	- setuid(screen->uid);
257	+ /* don't want privileges! */
258	+ if (setgid(screen->gid) == -1)
259	+ exit(2);
260	+ if (setuid(screen->uid) == -1)
261	+ exit(2);
262
263	Printer = popen(screen->printer_command, "w");
264	input = fdopen(my_pipe[0], "r");