]>
Commit | Line | Data |
---|---|---|
2d07cbe4 ER |
1 | --- xc/programs/Xserver/hw/xfree86/common/xf86Init.c 14 Dec 2005 20:12:00 -0000 1.29 |
2 | +++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c 5 Jun 2006 10:35:19 -0000 | |
2d07cbe4 ER |
3 | @@ -1905,7 +1905,11 @@ |
4 | FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno)); | |
5 | break; | |
6 | case 0: /* child */ | |
7 | - setuid(getuid()); | |
8 | + if (setuid(getuid()) == -1) { | |
9 | + xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n", | |
10 | + strerror(errno)); | |
11 | + exit(255); | |
12 | + } | |
13 | /* set stdin, stdout to the consoleFd */ | |
14 | for (i = 0; i < 2; i++) { | |
15 | if (xf86Info.consoleFd != i) { | |
16 | --- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 3 Jul 2005 08:53:48 -0000 1.9 | |
17 | +++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 5 Jun 2006 10:35:19 -0000 | |
18 | @@ -1270,7 +1270,10 @@ | |
19 | #ifndef SELF_CONTAINED_WRAPPER | |
20 | xf86DisableIO(); | |
21 | #endif | |
22 | - setuid(getuid()); | |
23 | + if (setuid(getuid()) == -1) { | |
24 | + ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno)); | |
25 | + exit(255); | |
26 | + } | |
27 | #if !defined(SELF_CONTAINED_WRAPPER) | |
28 | /* set stdin, stdout to the consoleFD, and leave stderr alone */ | |
29 | for (i = 0; i < 2; i++) | |
30 | --- xc/programs/Xserver/hw/xfree86/parser/write.c 3 Jul 2005 07:01:37 -0000 1.3 | |
31 | +++ xc/programs/Xserver/hw/xfree86/parser/write.c 5 Jun 2006 10:35:19 -0000 | |
32 | @@ -170,7 +170,10 @@ | |
33 | strerror(errno)); | |
34 | return 0; | |
35 | case 0: /* child */ | |
36 | - setuid(getuid()); | |
37 | + if (setuid(getuid() == -1) | |
38 | + FatalError("xf86writeConfigFile(): " | |
39 | + "setuid failed(%s)\n", | |
40 | + strerror(errno)); | |
41 | ret = doWriteConfigFile(filename, cptr); | |
42 | exit(ret); | |
43 | break; | |
44 | --- xc/programs/Xserver/os/utils.c 8 Nov 2005 06:33:30 -0000 1.21 | |
45 | +++ xc/programs/Xserver/os/utils.c 5 Jun 2006 10:35:20 -0000 | |
2d07cbe4 ER |
46 | @@ -1718,8 +1718,10 @@ |
47 | case -1: /* error */ | |
48 | p = -1; | |
49 | case 0: /* child */ | |
50 | - setgid(getgid()); | |
51 | - setuid(getuid()); | |
52 | + if (setgid(getgid()) == -1) | |
53 | + _exit(127); | |
54 | + if (setuid(getuid()) == -1) | |
55 | + _exit(127); | |
56 | execl("/bin/sh", "sh", "-c", command, (char *)NULL); | |
57 | _exit(127); | |
58 | default: /* parent */ | |
59 | @@ -1770,8 +1772,10 @@ | |
60 | xfree(cur); | |
61 | return NULL; | |
62 | case 0: /* child */ | |
63 | - setgid(getgid()); | |
64 | - setuid(getuid()); | |
65 | + if (setgid(getgid()) == -1) | |
66 | + _exit(127); | |
67 | + if (setuid(getuid()) == -1) | |
68 | + _exit(127); | |
69 | if (*type == 'r') { | |
70 | if (pdes[1] != 1) { | |
71 | /* stdout */ | |
72 | @@ -1845,8 +1849,10 @@ | |
73 | xfree(cur); | |
74 | return NULL; | |
75 | case 0: /* child */ | |
76 | - setgid(getgid()); | |
77 | - setuid(getuid()); | |
78 | + if (setgid(getgid()) == -1) | |
79 | + _exit(127); | |
80 | + if (setuid(getuid()) == -1) | |
81 | + _exit(127); | |
82 | if (*type == 'r') { | |
83 | if (pdes[1] != 1) { | |
84 | /* stdout */ | |
85 | --- xc/programs/xdm/session.c 8 Nov 2005 06:33:31 -0000 1.3 | |
86 | +++ xc/programs/xdm/session.c 5 Jun 2006 10:35:21 -0000 | |
2d07cbe4 ER |
87 | @@ -488,8 +488,14 @@ |
88 | else | |
89 | ResetServer (d); | |
90 | if (removeAuth) { | |
91 | - setgid (verify.gid); | |
92 | - setuid (verify.uid); | |
93 | + if (setgid (verify.gid) == -1) { | |
94 | + LogError( "SessionExit: setgid: %s\n", strerror(errno)); | |
95 | + exit(status); | |
96 | + } | |
97 | + if (setuid (verify.uid) == -1) { | |
98 | + LogError( "SessionExit: setuid: %s\n", strerror(errno)); | |
99 | + exit(status); | |
100 | + } | |
101 | RemoveUserAuthorization (d, &verify); | |
102 | #ifdef K5AUTH | |
103 | /* do like "kdestroy" program */ | |
104 | --- xc/programs/xdm/xdmshell.c 14 Jul 2005 22:58:25 -0000 1.3 | |
105 | +++ xc/programs/xdm/xdmshell.c 5 Jun 2006 10:35:21 -0000 | |
106 | @@ -183,7 +183,11 @@ | |
107 | #endif | |
108 | ||
109 | /* make xdm run in a non-setuid environment */ | |
110 | - setuid (geteuid()); | |
111 | + if (setuid (geteuid()) == -1) { | |
112 | + fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n", | |
113 | + ProgramName, errno, strerror(errno)); | |
114 | + exit(1); | |
115 | + } | |
116 | ||
117 | /* | |
118 | * exec /usr/bin/X11/xdm -nodaemon -udpPort 0 | |
119 | --- xc/programs/xf86dga/dga.c 23 Apr 2004 19:54:47 -0000 1.2 | |
120 | +++ xc/programs/xf86dga/dga.c 5 Jun 2006 10:35:21 -0000 | |
121 | @@ -16,6 +16,7 @@ | |
122 | #include <X11/Xmd.h> | |
123 | #include <X11/extensions/xf86dga.h> | |
124 | #include <ctype.h> | |
125 | +#include <errno.h> | |
126 | #include <stdio.h> | |
127 | #include <stdlib.h> | |
128 | #include <signal.h> | |
129 | @@ -141,7 +142,10 @@ | |
130 | ||
131 | #ifndef __UNIXOS2__ | |
132 | /* Give up root privs */ | |
133 | - setuid(getuid()); | |
134 | + if (setuid(getuid()) == -1) { | |
135 | + fprintf(stderr, "Unable to change uid: %s\n", strerror(errno)); | |
136 | + exit(2); | |
137 | + } | |
138 | #endif | |
139 | ||
140 | XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0); | |
141 | --- xc/programs/xinit/xinit.c 4 Oct 2005 01:27:34 -0000 1.4 | |
142 | +++ xc/programs/xinit/xinit.c 5 Jun 2006 10:35:21 -0000 | |
2d07cbe4 ER |
143 | @@ -692,7 +692,10 @@ |
144 | startClient(char *client[]) | |
145 | { | |
146 | if ((clientpid = vfork()) == 0) { | |
147 | - setuid(getuid()); | |
148 | + if (setuid(getuid()) == -1) { | |
149 | + Error("cannot change uid: %s\n", strerror(errno)); | |
150 | + _exit(ERR_EXIT); | |
151 | + } | |
152 | setpgrp(0, getpid()); | |
153 | environ = newenviron; | |
154 | #ifdef __UNIXOS2__ | |
155 | --- xc/programs/xload/xload.c 23 Apr 2004 19:54:57 -0000 1.2 | |
156 | +++ xc/programs/xload/xload.c 5 Jun 2006 10:35:21 -0000 | |
157 | @@ -34,7 +34,7 @@ | |
158 | * xload - display system load average in a window | |
159 | */ | |
160 | ||
161 | - | |
162 | +#include <errno.h> | |
163 | #include <stdio.h> | |
164 | #include <stdlib.h> | |
165 | #include <unistd.h> | |
166 | @@ -162,8 +162,17 @@ | |
167 | /* For security reasons, we reset our uid/gid after doing the necessary | |
168 | system initialization and before calling any X routines. */ | |
169 | InitLoadPoint(); | |
170 | - setgid(getgid()); /* reset gid first while still (maybe) root */ | |
171 | - setuid(getuid()); | |
172 | + /* reset gid first while still (maybe) root */ | |
173 | + if (setgid(getgid()) == -1) { | |
174 | + fprintf(stderr, "%s: setgid failed: %s\n", | |
175 | + ProgramName, strerror(errno)); | |
176 | + exit(1); | |
177 | + } | |
178 | + if (setuid(getuid()) == -1) { | |
179 | + fprintf(stderr, "%s: setuid failed: %s\n", | |
180 | + ProgramName, strerror(errno)); | |
181 | + exit(1); | |
182 | + } | |
183 | ||
184 | XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL); | |
185 | ||
186 | --- xc/programs/xterm/main.c 14 Dec 2005 23:28:27 -0000 1.8 | |
187 | +++ xc/programs/xterm/main.c 5 Jun 2006 10:35:22 -0000 | |
188 | @@ -1592,8 +1592,10 @@ | |
189 | Window winToEmbedInto = None; | |
190 | ||
191 | #ifdef DISABLE_SETUID | |
192 | - seteuid(getuid()); | |
193 | - setuid(getuid()); | |
194 | + if (seteuid(getuid()) == -1) | |
195 | + exit(2); | |
196 | + if (setuid(getuid()) == -1) | |
197 | + exit(2); | |
198 | #endif | |
199 | ||
200 | ProgramName = argv[0]; | |
201 | @@ -1619,8 +1621,16 @@ | |
202 | ||
203 | #if defined(USE_UTMP_SETGID) | |
204 | get_pty(NULL, NULL); | |
205 | - seteuid(getuid()); | |
206 | - setuid(getuid()); | |
207 | + if (seteuid(getuid()) == -1) { | |
208 | + fprintf(stderr, | |
209 | + "%s: unable to change back euid\n", ProgramName); | |
210 | + exit(1); | |
211 | + } | |
212 | + if (setuid(getuid()) == -1) { | |
213 | + fprintf(stderr, | |
214 | + "%s: unable to change back uid\n", ProgramName); | |
215 | + exit(1); | |
216 | + } | |
217 | #define get_pty(pty, from) really_get_pty(pty, from) | |
218 | #endif | |
219 | ||
220 | --- xc/programs/xterm/misc.c 14 Dec 2005 23:28:27 -0000 1.6 | |
221 | +++ xc/programs/xterm/misc.c 5 Jun 2006 10:35:22 -0000 | |
222 | @@ -1094,8 +1094,10 @@ | |
223 | pid = fork(); | |
224 | switch (pid) { | |
225 | case 0: /* child */ | |
226 | - setgid(gid); | |
227 | - setuid(uid); | |
228 | + if (setgid(gid) == -1) | |
229 | + _exit(ERROR_SETUID); | |
230 | + if (setuid(uid) == -1) | |
231 | + _exit(ERROR_SETUID); | |
232 | fd = open(pathname, | |
233 | O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL), | |
234 | mode); | |
235 | @@ -1262,8 +1264,10 @@ | |
236 | signal(SIGCHLD, SIG_DFL); | |
237 | ||
238 | /* (this is redundant) */ | |
239 | - setgid(screen->gid); | |
240 | - setuid(screen->uid); | |
241 | + if (setgid(screen->gid) == -1) | |
242 | + exit(ERROR_SETUID); | |
243 | + if (setuid(screen->uid) == -1) | |
244 | + exit(ERROR_SETUID); | |
245 | ||
246 | execl(shell, shell, "-c", &screen->logfile[1], (void *) 0); | |
247 | ||
248 | --- xc/programs/xterm/print.c 5 Aug 2005 16:13:04 -0000 1.5 | |
249 | +++ xc/programs/xterm/print.c 5 Jun 2006 10:35:22 -0000 | |
250 | @@ -387,9 +387,11 @@ | |
251 | dup2(fileno(stderr), 2); | |
252 | close(fileno(stderr)); | |
253 | } | |
254 | - | |
255 | - setgid(screen->gid); /* don't want privileges! */ | |
256 | - setuid(screen->uid); | |
257 | + /* don't want privileges! */ | |
258 | + if (setgid(screen->gid) == -1) | |
259 | + exit(2); | |
260 | + if (setuid(screen->uid) == -1) | |
261 | + exit(2); | |
262 | ||
263 | Printer = popen(screen->printer_command, "w"); | |
264 | input = fdopen(my_pipe[0], "r"); |