[packages/X11.git] / x11r6.9.0-setuid.diff

--- xc/programs/Xserver/hw/xfree86/common/xf86Init.c	14 Dec 2005 20:12:00 -0000	1.29
+++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c	5 Jun 2006 10:35:19 -0000
@@ -1,5 +1,5 @@
 /* $XFree86: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 3.212 2004/01/27 01:31:45 dawes Exp $ */
-/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005-12-14 20:12:00 ajax Exp $ */
+/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005/12/14 20:12:00 ajax Exp $ */
 
 /*
  * Loosely based on code bearing the following copyright:
@@ -1905,7 +1905,11 @@
           FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
           break;
       case 0:  /* child */
-          setuid(getuid());
+	  if (setuid(getuid()) == -1) {
+	      xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
+			 strerror(errno));
+	      exit(255);
+	  }
           /* set stdin, stdout to the consoleFd */
           for (i = 0; i < 2; i++) {
             if (xf86Info.consoleFd != i) {
--- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c	3 Jul 2005 08:53:48 -0000	1.9
+++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c	5 Jun 2006 10:35:19 -0000
@@ -1270,7 +1270,10 @@
 #ifndef SELF_CONTAINED_WRAPPER
 	xf86DisableIO();
 #endif
-        setuid(getuid());
+        if (setuid(getuid()) == -1) {
+		ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
+		exit(255);
+	}
 #if !defined(SELF_CONTAINED_WRAPPER)
         /* set stdin, stdout to the consoleFD, and leave stderr alone */
         for (i = 0; i < 2; i++)
--- xc/programs/Xserver/hw/xfree86/parser/write.c	3 Jul 2005 07:01:37 -0000	1.3
+++ xc/programs/Xserver/hw/xfree86/parser/write.c	5 Jun 2006 10:35:19 -0000
@@ -170,7 +170,10 @@
 					strerror(errno));
 			return 0;
 		case 0: /* child */
-			setuid(getuid());
+			if (setuid(getuid() == -1) 
+			    FatalError("xf86writeConfigFile(): "
+				"setuid failed(%s)\n", 
+				strerror(errno));
 			ret = doWriteConfigFile(filename, cptr);
 			exit(ret);
 			break;
--- xc/programs/Xserver/os/utils.c	8 Nov 2005 06:33:30 -0000	1.21
+++ xc/programs/Xserver/os/utils.c	5 Jun 2006 10:35:20 -0000
@@ -1,4 +1,4 @@
-/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005-11-08 06:33:30 jkj Exp $ */
+/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005/11/08 06:33:30 jkj Exp $ */
 /* $Xorg: utils.c,v 1.5 2001/02/09 02:05:24 xorgcvs Exp $ */
 /*
 
@@ -1718,8 +1718,10 @@
     case -1:	/* error */
 	p = -1;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
 	_exit(127);
     default:	/* parent */
@@ -1770,8 +1772,10 @@
 	xfree(cur);
 	return NULL;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	if (*type == 'r') {
 	    if (pdes[1] != 1) {
 		/* stdout */
@@ -1845,8 +1849,10 @@
 	xfree(cur);
 	return NULL;
     case 0:	/* child */
-	setgid(getgid());
-	setuid(getuid());
+	if (setgid(getgid()) == -1)
+	    _exit(127);
+	if (setuid(getuid()) == -1)
+	    _exit(127);
 	if (*type == 'r') {
 	    if (pdes[1] != 1) {
 		/* stdout */
--- xc/programs/xdm/session.c	8 Nov 2005 06:33:31 -0000	1.3
+++ xc/programs/xdm/session.c	5 Jun 2006 10:35:21 -0000
@@ -1,4 +1,4 @@
-/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005-11-08 06:33:31 jkj Exp $ */
+/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005/11/08 06:33:31 jkj Exp $ */
 /* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */
 /*
 
@@ -488,8 +488,14 @@
     else
 	ResetServer (d);
     if (removeAuth) {
-	setgid (verify.gid);
-	setuid (verify.uid);
+	if (setgid (verify.gid) == -1) {
+	    LogError( "SessionExit: setgid: %s\n", strerror(errno));
+	    exit(status);
+	}
+	if (setuid (verify.uid) == -1) {
+	    LogError( "SessionExit: setuid: %s\n", strerror(errno));
+	    exit(status);
+	}
 	RemoveUserAuthorization (d, &verify);
 #ifdef K5AUTH
 	/* do like "kdestroy" program */
--- xc/programs/xdm/xdmshell.c	14 Jul 2005 22:58:25 -0000	1.3
+++ xc/programs/xdm/xdmshell.c	5 Jun 2006 10:35:21 -0000
@@ -183,7 +183,11 @@
 #endif
 
     /* make xdm run in a non-setuid environment */
-    setuid (geteuid());
+    if (setuid (geteuid()) == -1) {
+	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
+		ProgramName, errno, strerror(errno));
+	exit(1);
+    }
 
     /*
      * exec /usr/bin/X11/xdm -nodaemon -udpPort 0
--- xc/programs/xf86dga/dga.c	23 Apr 2004 19:54:47 -0000	1.2
+++ xc/programs/xf86dga/dga.c	5 Jun 2006 10:35:21 -0000
@@ -16,6 +16,7 @@
 #include <X11/Xmd.h>
 #include <X11/extensions/xf86dga.h>
 #include <ctype.h>
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <signal.h>
@@ -141,7 +142,10 @@
 
 #ifndef __UNIXOS2__
    /* Give up root privs */
-   setuid(getuid());
+   if (setuid(getuid()) == -1) {
+      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
+      exit(2);
+   }
 #endif
 
    XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
--- xc/programs/xinit/xinit.c	4 Oct 2005 01:27:34 -0000	1.4
+++ xc/programs/xinit/xinit.c	5 Jun 2006 10:35:21 -0000
@@ -1,5 +1,5 @@
 /* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */
-/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */
+/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005/10/04 01:27:34 ajax Exp $ */
 
 /*
 
@@ -692,7 +692,10 @@
 startClient(char *client[])
 {
 	if ((clientpid = vfork()) == 0) {
-		setuid(getuid());
+		if (setuid(getuid()) == -1) {
+			Error("cannot change uid: %s\n", strerror(errno));
+			_exit(ERR_EXIT);
+		}
 		setpgrp(0, getpid());
 		environ = newenviron;
 #ifdef __UNIXOS2__
--- xc/programs/xload/xload.c	23 Apr 2004 19:54:57 -0000	1.2
+++ xc/programs/xload/xload.c	5 Jun 2006 10:35:21 -0000
@@ -34,7 +34,7 @@
  * xload - display system load average in a window
  */
 
-
+#include <errno.h>
 #include <stdio.h> 
 #include <stdlib.h>
 #include <unistd.h>
@@ -162,8 +162,17 @@
     /* For security reasons, we reset our uid/gid after doing the necessary
        system initialization and before calling any X routines. */
     InitLoadPoint();
-    setgid(getgid());		/* reset gid first while still (maybe) root */
-    setuid(getuid());
+    /* reset gid first while still (maybe) root */
+    if (setgid(getgid()) == -1) {
+	    fprintf(stderr, "%s: setgid failed: %s\n", 
+		ProgramName, strerror(errno));
+	    exit(1);
+    }
+    if (setuid(getuid()) == -1) {
+	    fprintf(stderr, "%s: setuid failed: %s\n", 
+		ProgramName, strerror(errno));
+	    exit(1);
+    }
 
     XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
 
--- xc/programs/xterm/main.c	14 Dec 2005 23:28:27 -0000	1.8
+++ xc/programs/xterm/main.c	5 Jun 2006 10:35:22 -0000
@@ -1592,8 +1592,10 @@
     Window winToEmbedInto = None;
 
 #ifdef DISABLE_SETUID
-    seteuid(getuid());
-    setuid(getuid());
+    if (seteuid(getuid()) == -1)
+	    exit(2);
+    if (setuid(getuid()) == -1)
+	    exit(2);
 #endif
 
     ProgramName = argv[0];
@@ -1619,8 +1621,16 @@
 
 #if defined(USE_UTMP_SETGID)
     get_pty(NULL, NULL);
-    seteuid(getuid());
-    setuid(getuid());
+    if (seteuid(getuid()) == -1) {
+           fprintf(stderr,
+               "%s: unable to change back euid\n", ProgramName);
+           exit(1);
+    }
+    if (setuid(getuid()) == -1) {
+           fprintf(stderr,
+               "%s: unable to change back uid\n", ProgramName);
+           exit(1);
+    }
 #define get_pty(pty, from) really_get_pty(pty, from)
 #endif
 
--- xc/programs/xterm/misc.c	14 Dec 2005 23:28:27 -0000	1.6
+++ xc/programs/xterm/misc.c	5 Jun 2006 10:35:22 -0000
@@ -1094,8 +1094,10 @@
     pid = fork();
     switch (pid) {
     case 0:			/* child */
-	setgid(gid);
-	setuid(uid);
+	if (setgid(gid) == -1)
+	    _exit(ERROR_SETUID);
+	if (setuid(uid) == -1) 
+	    _exit(ERROR_SETUID);
 	fd = open(pathname,
 		  O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL),
 		  mode);
@@ -1262,8 +1264,10 @@
 	    signal(SIGCHLD, SIG_DFL);
 
 	    /* (this is redundant) */
-	    setgid(screen->gid);
-	    setuid(screen->uid);
+	    if (setgid(screen->gid) == -1)
+		exit(ERROR_SETUID);
+	    if (setuid(screen->uid) == -1)
+		exit(ERROR_SETUID);
 
 	    execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);
 
--- xc/programs/xterm/print.c	5 Aug 2005 16:13:04 -0000	1.5
+++ xc/programs/xterm/print.c	5 Jun 2006 10:35:22 -0000
@@ -387,9 +387,11 @@
 		dup2(fileno(stderr), 2);
 		close(fileno(stderr));
 	    }
-
-	    setgid(screen->gid);	/* don't want privileges! */
-	    setuid(screen->uid);
+	    /* don't want privileges! */
+	    if (setgid(screen->gid) == -1)
+		    exit(2);
+	    if (setuid(screen->uid) == -1)
+		    exit(2);
 
 	    Printer = popen(screen->printer_command, "w");
 	    input = fdopen(my_pipe[0], "r");
Commit	Line	Data
2d07cbe4 ER	1	--- xc/programs/Xserver/hw/xfree86/common/xf86Init.c 14 Dec 2005 20:12:00 -0000 1.29
	2	+++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c 5 Jun 2006 10:35:19 -0000
	3	@@ -1,5 +1,5 @@
	4	/* $XFree86: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 3.212 2004/01/27 01:31:45 dawes Exp $ */
	5	-/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005-12-14 20:12:00 ajax Exp $ */
	6	+/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005/12/14 20:12:00 ajax Exp $ */
	7
	8	/*
	9	* Loosely based on code bearing the following copyright:
	10	@@ -1905,7 +1905,11 @@
	11	FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
	12	break;
	13	case 0: /* child */
	14	- setuid(getuid());
	15	+ if (setuid(getuid()) == -1) {
	16	+ xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
	17	+ strerror(errno));
	18	+ exit(255);
	19	+ }
	20	/* set stdin, stdout to the consoleFd */
	21	for (i = 0; i < 2; i++) {
	22	if (xf86Info.consoleFd != i) {
	23	--- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 3 Jul 2005 08:53:48 -0000 1.9
	24	+++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 5 Jun 2006 10:35:19 -0000
	25	@@ -1270,7 +1270,10 @@
	26	#ifndef SELF_CONTAINED_WRAPPER
	27	xf86DisableIO();
	28	#endif
	29	- setuid(getuid());
	30	+ if (setuid(getuid()) == -1) {
	31	+ ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
	32	+ exit(255);
	33	+ }
	34	#if !defined(SELF_CONTAINED_WRAPPER)
	35	/* set stdin, stdout to the consoleFD, and leave stderr alone */
	36	for (i = 0; i < 2; i++)
	37	--- xc/programs/Xserver/hw/xfree86/parser/write.c 3 Jul 2005 07:01:37 -0000 1.3
	38	+++ xc/programs/Xserver/hw/xfree86/parser/write.c 5 Jun 2006 10:35:19 -0000
	39	@@ -170,7 +170,10 @@
	40	strerror(errno));
	41	return 0;
	42	case 0: /* child */
	43	- setuid(getuid());
	44	+ if (setuid(getuid() == -1)
	45	+ FatalError("xf86writeConfigFile(): "
	46	+ "setuid failed(%s)\n",
	47	+ strerror(errno));
	48	ret = doWriteConfigFile(filename, cptr);
	49	exit(ret);
	50	break;
	51	--- xc/programs/Xserver/os/utils.c 8 Nov 2005 06:33:30 -0000 1.21
	52	+++ xc/programs/Xserver/os/utils.c 5 Jun 2006 10:35:20 -0000
	53	@@ -1,4 +1,4 @@
	54	-/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005-11-08 06:33:30 jkj Exp $ */
	55	+/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005/11/08 06:33:30 jkj Exp $ */
	56	/* $Xorg: utils.c,v 1.5 2001/02/09 02:05:24 xorgcvs Exp $ */
	57	/*
	58
	59	@@ -1718,8 +1718,10 @@
	60	case -1: /* error */
	61	p = -1;
	62	case 0: /* child */
	63	- setgid(getgid());
	64	- setuid(getuid());
65	+ if (setgid(getgid()) == -1)
66	+ _exit(127);
67	+ if (setuid(getuid()) == -1)
68	+ _exit(127);
69	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
70	_exit(127);
71	default: /* parent */
72	@@ -1770,8 +1772,10 @@
73	xfree(cur);
74	return NULL;
75	case 0: /* child */
76	- setgid(getgid());
77	- setuid(getuid());
78	+ if (setgid(getgid()) == -1)
79	+ _exit(127);
80	+ if (setuid(getuid()) == -1)
81	+ _exit(127);
82	if (*type == 'r') {
83	if (pdes[1] != 1) {
84	/* stdout */
85	@@ -1845,8 +1849,10 @@
86	xfree(cur);
87	return NULL;
88	case 0: /* child */
89	- setgid(getgid());
90	- setuid(getuid());
91	+ if (setgid(getgid()) == -1)
92	+ _exit(127);
93	+ if (setuid(getuid()) == -1)
94	+ _exit(127);
95	if (*type == 'r') {
96	if (pdes[1] != 1) {
97	/* stdout */
98	--- xc/programs/xdm/session.c 8 Nov 2005 06:33:31 -0000 1.3
99	+++ xc/programs/xdm/session.c 5 Jun 2006 10:35:21 -0000
100	@@ -1,4 +1,4 @@
101	-/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005-11-08 06:33:31 jkj Exp $ */
102	+/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005/11/08 06:33:31 jkj Exp $ */
103	/* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */
104	/*
105
106	@@ -488,8 +488,14 @@
107	else
108	ResetServer (d);
109	if (removeAuth) {
110	- setgid (verify.gid);
111	- setuid (verify.uid);
112	+ if (setgid (verify.gid) == -1) {
113	+ LogError( "SessionExit: setgid: %s\n", strerror(errno));
114	+ exit(status);
115	+ }
116	+ if (setuid (verify.uid) == -1) {
117	+ LogError( "SessionExit: setuid: %s\n", strerror(errno));
118	+ exit(status);
119	+ }
120	RemoveUserAuthorization (d, &verify);
121	#ifdef K5AUTH
122	/* do like "kdestroy" program */
123	--- xc/programs/xdm/xdmshell.c 14 Jul 2005 22:58:25 -0000 1.3
124	+++ xc/programs/xdm/xdmshell.c 5 Jun 2006 10:35:21 -0000
125	@@ -183,7 +183,11 @@
126	#endif
127
128	/* make xdm run in a non-setuid environment */
129	- setuid (geteuid());
130	+ if (setuid (geteuid()) == -1) {
131	+ fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
132	+ ProgramName, errno, strerror(errno));
133	+ exit(1);
134	+ }
135
136	/*
137	* exec /usr/bin/X11/xdm -nodaemon -udpPort 0
138	--- xc/programs/xf86dga/dga.c 23 Apr 2004 19:54:47 -0000 1.2
139	+++ xc/programs/xf86dga/dga.c 5 Jun 2006 10:35:21 -0000
140	@@ -16,6 +16,7 @@
141	#include <X11/Xmd.h>
142	#include <X11/extensions/xf86dga.h>
143	#include <ctype.h>
144	+#include <errno.h>
145	#include <stdio.h>
146	#include <stdlib.h>
147	#include <signal.h>
148	@@ -141,7 +142,10 @@
149
150	#ifndef __UNIXOS2__
151	/* Give up root privs */
152	- setuid(getuid());
153	+ if (setuid(getuid()) == -1) {
154	+ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
155	+ exit(2);
156	+ }
157	#endif
158
159	XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
160	--- xc/programs/xinit/xinit.c 4 Oct 2005 01:27:34 -0000 1.4
161	+++ xc/programs/xinit/xinit.c 5 Jun 2006 10:35:21 -0000
162	@@ -1,5 +1,5 @@
163	/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */
164	-/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */
165	+/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005/10/04 01:27:34 ajax Exp $ */
166
167	/*
168
169	@@ -692,7 +692,10 @@
170	startClient(char *client[])
171	{
172	if ((clientpid = vfork()) == 0) {
173	- setuid(getuid());
174	+ if (setuid(getuid()) == -1) {
175	+ Error("cannot change uid: %s\n", strerror(errno));
176	+ _exit(ERR_EXIT);
177	+ }
178	setpgrp(0, getpid());
179	environ = newenviron;
180	#ifdef __UNIXOS2__
181	--- xc/programs/xload/xload.c 23 Apr 2004 19:54:57 -0000 1.2
182	+++ xc/programs/xload/xload.c 5 Jun 2006 10:35:21 -0000
183	@@ -34,7 +34,7 @@
184	* xload - display system load average in a window
185	*/
186
187	-
188	+#include <errno.h>
189	#include <stdio.h>
190	#include <stdlib.h>
191	#include <unistd.h>
192	@@ -162,8 +162,17 @@
193	/* For security reasons, we reset our uid/gid after doing the necessary
194	system initialization and before calling any X routines. */
195	InitLoadPoint();
196	- setgid(getgid()); /* reset gid first while still (maybe) root */
197	- setuid(getuid());
198	+ /* reset gid first while still (maybe) root */
199	+ if (setgid(getgid()) == -1) {
200	+ fprintf(stderr, "%s: setgid failed: %s\n",
201	+ ProgramName, strerror(errno));
202	+ exit(1);
203	+ }
204	+ if (setuid(getuid()) == -1) {
205	+ fprintf(stderr, "%s: setuid failed: %s\n",
206	+ ProgramName, strerror(errno));
207	+ exit(1);
208	+ }
209
210	XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
211
212	--- xc/programs/xterm/main.c 14 Dec 2005 23:28:27 -0000 1.8
213	+++ xc/programs/xterm/main.c 5 Jun 2006 10:35:22 -0000
214	@@ -1592,8 +1592,10 @@
215	Window winToEmbedInto = None;
216
217	#ifdef DISABLE_SETUID
218	- seteuid(getuid());
219	- setuid(getuid());
220	+ if (seteuid(getuid()) == -1)
221	+ exit(2);
222	+ if (setuid(getuid()) == -1)
223	+ exit(2);
224	#endif
225
226	ProgramName = argv[0];
227	@@ -1619,8 +1621,16 @@
228
229	#if defined(USE_UTMP_SETGID)
230	get_pty(NULL, NULL);
231	- seteuid(getuid());
232	- setuid(getuid());
233	+ if (seteuid(getuid()) == -1) {
234	+ fprintf(stderr,
235	+ "%s: unable to change back euid\n", ProgramName);
236	+ exit(1);
237	+ }
238	+ if (setuid(getuid()) == -1) {
239	+ fprintf(stderr,
240	+ "%s: unable to change back uid\n", ProgramName);
241	+ exit(1);
242	+ }
243	#define get_pty(pty, from) really_get_pty(pty, from)
244	#endif
245
246	--- xc/programs/xterm/misc.c 14 Dec 2005 23:28:27 -0000 1.6
247	+++ xc/programs/xterm/misc.c 5 Jun 2006 10:35:22 -0000
248	@@ -1094,8 +1094,10 @@
249	pid = fork();
250	switch (pid) {
251	case 0: /* child */
252	- setgid(gid);
253	- setuid(uid);
254	+ if (setgid(gid) == -1)
255	+ _exit(ERROR_SETUID);
256	+ if (setuid(uid) == -1)
257	+ _exit(ERROR_SETUID);
258	fd = open(pathname,
259	O_WRONLY \| O_CREAT \| (append ? O_APPEND : O_EXCL),
260	mode);
261	@@ -1262,8 +1264,10 @@
262	signal(SIGCHLD, SIG_DFL);
263
264	/* (this is redundant) */
265	- setgid(screen->gid);
266	- setuid(screen->uid);
267	+ if (setgid(screen->gid) == -1)
268	+ exit(ERROR_SETUID);
269	+ if (setuid(screen->uid) == -1)
270	+ exit(ERROR_SETUID);
271
272	execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);
273
274	--- xc/programs/xterm/print.c 5 Aug 2005 16:13:04 -0000 1.5
275	+++ xc/programs/xterm/print.c 5 Jun 2006 10:35:22 -0000
276	@@ -387,9 +387,11 @@
277	dup2(fileno(stderr), 2);
278	close(fileno(stderr));
279	}
280	-
281	- setgid(screen->gid); /* don't want privileges! */
282	- setuid(screen->uid);
283	+ /* don't want privileges! */
284	+ if (setgid(screen->gid) == -1)
285	+ exit(2);
286	+ if (setuid(screen->uid) == -1)
287	+ exit(2);
288
289	Printer = popen(screen->printer_command, "w");
290	input = fdopen(my_pipe[0], "r");