]>
Commit | Line | Data |
---|---|---|
af24db87 ER |
1 | Index: xc/config/util/chownxterm.c |
2 | =================================================================== | |
3 | RCS file: /cvs/xorg/xc/config/util/chownxterm.c,v | |
4 | retrieving revision 1.1.1.1 | |
5 | diff -u -r1.1.1.1 chownxterm.c | |
6 | --- xc/config/util/chownxterm.c 14 Nov 2003 16:48:20 -0000 1.1.1.1 | |
7 | +++ xc/config/util/chownxterm.c 5 Jun 2006 10:35:10 -0000 | |
8 | @@ -41,8 +41,10 @@ | |
9 | ||
10 | void help() | |
11 | { | |
12 | - setgid(getgid()); | |
13 | - setuid(getuid()); | |
14 | + if (setgid(getgid()) == -1) | |
15 | + exit(1); | |
16 | + if (setuid(getuid()) == -1) | |
17 | + exit(1); | |
18 | printf("chown-xterm makes %s suid root\n", XTERM_PATH); | |
19 | printf("This is necessary on Ultrix for /dev/tty operation.\n"); | |
20 | exit(0); | |
21 | @@ -51,8 +53,10 @@ | |
22 | void print_error(err_string) | |
23 | char *err_string; | |
24 | { | |
25 | - setgid(getgid()); | |
26 | - setuid(getuid()); | |
27 | + if (setgid(getgid()) == -1) | |
28 | + exit(1); | |
29 | + if (setuid(getuid()) == -1) | |
30 | + exit(1); | |
31 | fprintf(stderr, "%s: \"%s\"", prog_name, err_string); | |
32 | perror(" failed"); | |
33 | exit(1); | |
34 | Index: xc/lib/X11/lcFile.c | |
35 | =================================================================== | |
36 | RCS file: /cvs/xorg/xc/lib/X11/lcFile.c,v | |
37 | retrieving revision 1.6 | |
38 | diff -u -r1.6 lcFile.c | |
39 | --- xc/lib/X11/lcFile.c 13 May 2005 22:53:44 -0000 1.6 | |
40 | +++ xc/lib/X11/lcFile.c 5 Jun 2006 10:35:14 -0000 | |
41 | @@ -269,7 +269,11 @@ | |
42 | if (seteuid(0) != 0) { | |
43 | priv = 0; | |
44 | } else { | |
45 | - seteuid(oldeuid); | |
46 | + if (seteuid(oldeuid) == -1) { | |
47 | + /* XXX ouch, coudn't get back to original uid | |
48 | + what can we do ??? */ | |
49 | + _exit(127); | |
50 | + } | |
51 | priv = 1; | |
52 | } | |
53 | #endif | |
54 | Index: xc/lib/xtrans/Xtranslcl.c | |
55 | =================================================================== | |
56 | RCS file: /cvs/xorg/xc/lib/xtrans/Xtranslcl.c,v | |
57 | retrieving revision 1.4 | |
58 | diff -u -r1.4 Xtranslcl.c | |
59 | --- xc/lib/xtrans/Xtranslcl.c 8 Nov 2005 06:33:26 -0000 1.4 | |
60 | +++ xc/lib/xtrans/Xtranslcl.c 5 Jun 2006 10:35:15 -0000 | |
61 | @@ -360,7 +360,10 @@ | |
62 | uid_t saved_euid; | |
63 | ||
64 | saved_euid = geteuid(); | |
65 | - setuid( getuid() ); /** sets the euid to the actual/real uid **/ | |
66 | + /** sets the euid to the actual/real uid **/ | |
67 | + if (setuid( getuid() ) == -1) { | |
68 | + exit(1); | |
69 | + } | |
70 | if( chown( slave, saved_euid, -1 ) < 0 ) { | |
71 | exit( 1 ); | |
72 | } | |
73 | @@ -369,7 +372,13 @@ | |
74 | } | |
75 | ||
76 | waitpid(saved_pid, &exitval, 0); | |
77 | - | |
78 | + if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) { | |
79 | + close(fd); | |
80 | + close(server); | |
81 | + PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n", | |
82 | + slave, 0, 0); | |
83 | + return(-1); | |
84 | + } | |
85 | if (chmod(slave, 0666) < 0) { | |
86 | close(fd); | |
87 | close(server); | |
88 | Index: xc/programs/Xserver/hw/xfree86/common/xf86Init.c | |
89 | =================================================================== | |
90 | RCS file: /cvs/xorg/xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v | |
91 | retrieving revision 1.29 | |
92 | diff -u -r1.29 xf86Init.c | |
2d07cbe4 ER |
93 | --- xc/programs/Xserver/hw/xfree86/common/xf86Init.c 14 Dec 2005 20:12:00 -0000 1.29 |
94 | +++ xc/programs/Xserver/hw/xfree86/common/xf86Init.c 5 Jun 2006 10:35:19 -0000 | |
95 | @@ -1,5 +1,5 @@ | |
96 | /* $XFree86: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 3.212 2004/01/27 01:31:45 dawes Exp $ */ | |
97 | -/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005-12-14 20:12:00 ajax Exp $ */ | |
98 | +/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005/12/14 20:12:00 ajax Exp $ */ | |
99 | ||
100 | /* | |
101 | * Loosely based on code bearing the following copyright: | |
102 | @@ -1905,7 +1905,11 @@ | |
103 | FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno)); | |
104 | break; | |
105 | case 0: /* child */ | |
106 | - setuid(getuid()); | |
107 | + if (setuid(getuid()) == -1) { | |
108 | + xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n", | |
109 | + strerror(errno)); | |
110 | + exit(255); | |
111 | + } | |
112 | /* set stdin, stdout to the consoleFd */ | |
113 | for (i = 0; i < 2; i++) { | |
114 | if (xf86Info.consoleFd != i) { | |
af24db87 ER |
115 | Index: xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c |
116 | =================================================================== | |
117 | RCS file: /cvs/xorg/xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c,v | |
118 | retrieving revision 1.9 | |
119 | diff -u -r1.9 libc_wrapper.c | |
2d07cbe4 ER |
120 | --- xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 3 Jul 2005 08:53:48 -0000 1.9 |
121 | +++ xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c 5 Jun 2006 10:35:19 -0000 | |
122 | @@ -1270,7 +1270,10 @@ | |
123 | #ifndef SELF_CONTAINED_WRAPPER | |
124 | xf86DisableIO(); | |
125 | #endif | |
126 | - setuid(getuid()); | |
127 | + if (setuid(getuid()) == -1) { | |
128 | + ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno)); | |
129 | + exit(255); | |
130 | + } | |
131 | #if !defined(SELF_CONTAINED_WRAPPER) | |
132 | /* set stdin, stdout to the consoleFD, and leave stderr alone */ | |
133 | for (i = 0; i < 2; i++) | |
af24db87 ER |
134 | Index: xc/programs/Xserver/hw/xfree86/parser/write.c |
135 | =================================================================== | |
136 | RCS file: /cvs/xorg/xc/programs/Xserver/hw/xfree86/parser/write.c,v | |
137 | retrieving revision 1.3 | |
138 | diff -u -r1.3 write.c | |
2d07cbe4 ER |
139 | --- xc/programs/Xserver/hw/xfree86/parser/write.c 3 Jul 2005 07:01:37 -0000 1.3 |
140 | +++ xc/programs/Xserver/hw/xfree86/parser/write.c 5 Jun 2006 10:35:19 -0000 | |
141 | @@ -170,7 +170,10 @@ | |
142 | strerror(errno)); | |
143 | return 0; | |
144 | case 0: /* child */ | |
145 | - setuid(getuid()); | |
146 | + if (setuid(getuid() == -1) | |
147 | + FatalError("xf86writeConfigFile(): " | |
148 | + "setuid failed(%s)\n", | |
149 | + strerror(errno)); | |
150 | ret = doWriteConfigFile(filename, cptr); | |
151 | exit(ret); | |
152 | break; | |
af24db87 ER |
153 | Index: xc/programs/Xserver/os/utils.c |
154 | =================================================================== | |
155 | RCS file: /cvs/xorg/xc/programs/Xserver/os/utils.c,v | |
156 | retrieving revision 1.21 | |
157 | diff -u -r1.21 utils.c | |
2d07cbe4 ER |
158 | --- xc/programs/Xserver/os/utils.c 8 Nov 2005 06:33:30 -0000 1.21 |
159 | +++ xc/programs/Xserver/os/utils.c 5 Jun 2006 10:35:20 -0000 | |
160 | @@ -1,4 +1,4 @@ | |
161 | -/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005-11-08 06:33:30 jkj Exp $ */ | |
162 | +/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005/11/08 06:33:30 jkj Exp $ */ | |
163 | /* $Xorg: utils.c,v 1.5 2001/02/09 02:05:24 xorgcvs Exp $ */ | |
164 | /* | |
165 | ||
166 | @@ -1718,8 +1718,10 @@ | |
167 | case -1: /* error */ | |
168 | p = -1; | |
169 | case 0: /* child */ | |
170 | - setgid(getgid()); | |
171 | - setuid(getuid()); | |
172 | + if (setgid(getgid()) == -1) | |
173 | + _exit(127); | |
174 | + if (setuid(getuid()) == -1) | |
175 | + _exit(127); | |
176 | execl("/bin/sh", "sh", "-c", command, (char *)NULL); | |
177 | _exit(127); | |
178 | default: /* parent */ | |
179 | @@ -1770,8 +1772,10 @@ | |
180 | xfree(cur); | |
181 | return NULL; | |
182 | case 0: /* child */ | |
183 | - setgid(getgid()); | |
184 | - setuid(getuid()); | |
185 | + if (setgid(getgid()) == -1) | |
186 | + _exit(127); | |
187 | + if (setuid(getuid()) == -1) | |
188 | + _exit(127); | |
189 | if (*type == 'r') { | |
190 | if (pdes[1] != 1) { | |
191 | /* stdout */ | |
192 | @@ -1845,8 +1849,10 @@ | |
193 | xfree(cur); | |
194 | return NULL; | |
195 | case 0: /* child */ | |
196 | - setgid(getgid()); | |
197 | - setuid(getuid()); | |
198 | + if (setgid(getgid()) == -1) | |
199 | + _exit(127); | |
200 | + if (setuid(getuid()) == -1) | |
201 | + _exit(127); | |
202 | if (*type == 'r') { | |
203 | if (pdes[1] != 1) { | |
204 | /* stdout */ | |
af24db87 ER |
205 | Index: xc/programs/xdm/session.c |
206 | =================================================================== | |
207 | RCS file: /cvs/xorg/xc/programs/xdm/session.c,v | |
208 | retrieving revision 1.3 | |
209 | diff -u -r1.3 session.c | |
2d07cbe4 ER |
210 | --- xc/programs/xdm/session.c 8 Nov 2005 06:33:31 -0000 1.3 |
211 | +++ xc/programs/xdm/session.c 5 Jun 2006 10:35:21 -0000 | |
212 | @@ -1,4 +1,4 @@ | |
213 | -/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005-11-08 06:33:31 jkj Exp $ */ | |
214 | +/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005/11/08 06:33:31 jkj Exp $ */ | |
215 | /* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */ | |
216 | /* | |
217 | ||
218 | @@ -488,8 +488,14 @@ | |
219 | else | |
220 | ResetServer (d); | |
221 | if (removeAuth) { | |
222 | - setgid (verify.gid); | |
223 | - setuid (verify.uid); | |
224 | + if (setgid (verify.gid) == -1) { | |
225 | + LogError( "SessionExit: setgid: %s\n", strerror(errno)); | |
226 | + exit(status); | |
227 | + } | |
228 | + if (setuid (verify.uid) == -1) { | |
229 | + LogError( "SessionExit: setuid: %s\n", strerror(errno)); | |
230 | + exit(status); | |
231 | + } | |
232 | RemoveUserAuthorization (d, &verify); | |
233 | #ifdef K5AUTH | |
234 | /* do like "kdestroy" program */ | |
af24db87 ER |
235 | Index: xc/programs/xdm/xdmshell.c |
236 | =================================================================== | |
237 | RCS file: /cvs/xorg/xc/programs/xdm/xdmshell.c,v | |
238 | retrieving revision 1.3 | |
239 | diff -u -r1.3 xdmshell.c | |
2d07cbe4 ER |
240 | --- xc/programs/xdm/xdmshell.c 14 Jul 2005 22:58:25 -0000 1.3 |
241 | +++ xc/programs/xdm/xdmshell.c 5 Jun 2006 10:35:21 -0000 | |
242 | @@ -183,7 +183,11 @@ | |
243 | #endif | |
244 | ||
245 | /* make xdm run in a non-setuid environment */ | |
246 | - setuid (geteuid()); | |
247 | + if (setuid (geteuid()) == -1) { | |
248 | + fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n", | |
249 | + ProgramName, errno, strerror(errno)); | |
250 | + exit(1); | |
251 | + } | |
252 | ||
253 | /* | |
254 | * exec /usr/bin/X11/xdm -nodaemon -udpPort 0 | |
af24db87 ER |
255 | Index: xc/programs/xf86dga/dga.c |
256 | =================================================================== | |
257 | RCS file: /cvs/xorg/xc/programs/xf86dga/dga.c,v | |
258 | retrieving revision 1.2 | |
259 | diff -u -r1.2 dga.c | |
2d07cbe4 ER |
260 | --- xc/programs/xf86dga/dga.c 23 Apr 2004 19:54:47 -0000 1.2 |
261 | +++ xc/programs/xf86dga/dga.c 5 Jun 2006 10:35:21 -0000 | |
262 | @@ -16,6 +16,7 @@ | |
263 | #include <X11/Xmd.h> | |
264 | #include <X11/extensions/xf86dga.h> | |
265 | #include <ctype.h> | |
266 | +#include <errno.h> | |
267 | #include <stdio.h> | |
268 | #include <stdlib.h> | |
269 | #include <signal.h> | |
270 | @@ -141,7 +142,10 @@ | |
271 | ||
272 | #ifndef __UNIXOS2__ | |
273 | /* Give up root privs */ | |
274 | - setuid(getuid()); | |
275 | + if (setuid(getuid()) == -1) { | |
276 | + fprintf(stderr, "Unable to change uid: %s\n", strerror(errno)); | |
277 | + exit(2); | |
278 | + } | |
279 | #endif | |
280 | ||
281 | XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0); | |
af24db87 ER |
282 | Index: xc/programs/xinit/xinit.c |
283 | =================================================================== | |
284 | RCS file: /cvs/xorg/xc/programs/xinit/xinit.c,v | |
285 | retrieving revision 1.4 | |
286 | diff -u -r1.4 xinit.c | |
2d07cbe4 ER |
287 | --- xc/programs/xinit/xinit.c 4 Oct 2005 01:27:34 -0000 1.4 |
288 | +++ xc/programs/xinit/xinit.c 5 Jun 2006 10:35:21 -0000 | |
289 | @@ -1,5 +1,5 @@ | |
290 | /* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */ | |
291 | -/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */ | |
292 | +/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005/10/04 01:27:34 ajax Exp $ */ | |
293 | ||
294 | /* | |
295 | ||
296 | @@ -692,7 +692,10 @@ | |
297 | startClient(char *client[]) | |
298 | { | |
299 | if ((clientpid = vfork()) == 0) { | |
300 | - setuid(getuid()); | |
301 | + if (setuid(getuid()) == -1) { | |
302 | + Error("cannot change uid: %s\n", strerror(errno)); | |
303 | + _exit(ERR_EXIT); | |
304 | + } | |
305 | setpgrp(0, getpid()); | |
306 | environ = newenviron; | |
307 | #ifdef __UNIXOS2__ | |
af24db87 ER |
308 | Index: xc/programs/xload/xload.c |
309 | =================================================================== | |
310 | RCS file: /cvs/xorg/xc/programs/xload/xload.c,v | |
311 | retrieving revision 1.2 | |
312 | diff -u -r1.2 xload.c | |
2d07cbe4 ER |
313 | --- xc/programs/xload/xload.c 23 Apr 2004 19:54:57 -0000 1.2 |
314 | +++ xc/programs/xload/xload.c 5 Jun 2006 10:35:21 -0000 | |
315 | @@ -34,7 +34,7 @@ | |
316 | * xload - display system load average in a window | |
317 | */ | |
318 | ||
319 | - | |
320 | +#include <errno.h> | |
321 | #include <stdio.h> | |
322 | #include <stdlib.h> | |
323 | #include <unistd.h> | |
324 | @@ -162,8 +162,17 @@ | |
325 | /* For security reasons, we reset our uid/gid after doing the necessary | |
326 | system initialization and before calling any X routines. */ | |
327 | InitLoadPoint(); | |
328 | - setgid(getgid()); /* reset gid first while still (maybe) root */ | |
329 | - setuid(getuid()); | |
330 | + /* reset gid first while still (maybe) root */ | |
331 | + if (setgid(getgid()) == -1) { | |
332 | + fprintf(stderr, "%s: setgid failed: %s\n", | |
333 | + ProgramName, strerror(errno)); | |
334 | + exit(1); | |
335 | + } | |
336 | + if (setuid(getuid()) == -1) { | |
337 | + fprintf(stderr, "%s: setuid failed: %s\n", | |
338 | + ProgramName, strerror(errno)); | |
339 | + exit(1); | |
340 | + } | |
341 | ||
342 | XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL); | |
343 | ||
af24db87 ER |
344 | Index: xc/programs/xterm/main.c |
345 | =================================================================== | |
346 | RCS file: /cvs/xorg/xc/programs/xterm/main.c,v | |
347 | retrieving revision 1.8 | |
348 | diff -u -r1.8 main.c | |
2d07cbe4 ER |
349 | --- xc/programs/xterm/main.c 14 Dec 2005 23:28:27 -0000 1.8 |
350 | +++ xc/programs/xterm/main.c 5 Jun 2006 10:35:22 -0000 | |
351 | @@ -1592,8 +1592,10 @@ | |
352 | Window winToEmbedInto = None; | |
353 | ||
354 | #ifdef DISABLE_SETUID | |
355 | - seteuid(getuid()); | |
356 | - setuid(getuid()); | |
357 | + if (seteuid(getuid()) == -1) | |
358 | + exit(2); | |
359 | + if (setuid(getuid()) == -1) | |
360 | + exit(2); | |
361 | #endif | |
362 | ||
363 | ProgramName = argv[0]; | |
364 | @@ -1619,8 +1621,16 @@ | |
365 | ||
366 | #if defined(USE_UTMP_SETGID) | |
367 | get_pty(NULL, NULL); | |
368 | - seteuid(getuid()); | |
369 | - setuid(getuid()); | |
370 | + if (seteuid(getuid()) == -1) { | |
371 | + fprintf(stderr, | |
372 | + "%s: unable to change back euid\n", ProgramName); | |
373 | + exit(1); | |
374 | + } | |
375 | + if (setuid(getuid()) == -1) { | |
376 | + fprintf(stderr, | |
377 | + "%s: unable to change back uid\n", ProgramName); | |
378 | + exit(1); | |
379 | + } | |
380 | #define get_pty(pty, from) really_get_pty(pty, from) | |
381 | #endif | |
382 | ||
af24db87 ER |
383 | Index: xc/programs/xterm/misc.c |
384 | =================================================================== | |
385 | RCS file: /cvs/xorg/xc/programs/xterm/misc.c,v | |
386 | retrieving revision 1.6 | |
387 | diff -u -r1.6 misc.c | |
2d07cbe4 ER |
388 | --- xc/programs/xterm/misc.c 14 Dec 2005 23:28:27 -0000 1.6 |
389 | +++ xc/programs/xterm/misc.c 5 Jun 2006 10:35:22 -0000 | |
390 | @@ -1094,8 +1094,10 @@ | |
391 | pid = fork(); | |
392 | switch (pid) { | |
393 | case 0: /* child */ | |
394 | - setgid(gid); | |
395 | - setuid(uid); | |
396 | + if (setgid(gid) == -1) | |
397 | + _exit(ERROR_SETUID); | |
398 | + if (setuid(uid) == -1) | |
399 | + _exit(ERROR_SETUID); | |
400 | fd = open(pathname, | |
401 | O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL), | |
402 | mode); | |
403 | @@ -1262,8 +1264,10 @@ | |
404 | signal(SIGCHLD, SIG_DFL); | |
405 | ||
406 | /* (this is redundant) */ | |
407 | - setgid(screen->gid); | |
408 | - setuid(screen->uid); | |
409 | + if (setgid(screen->gid) == -1) | |
410 | + exit(ERROR_SETUID); | |
411 | + if (setuid(screen->uid) == -1) | |
412 | + exit(ERROR_SETUID); | |
413 | ||
414 | execl(shell, shell, "-c", &screen->logfile[1], (void *) 0); | |
415 | ||
af24db87 ER |
416 | Index: xc/programs/xterm/print.c |
417 | =================================================================== | |
418 | RCS file: /cvs/xorg/xc/programs/xterm/print.c,v | |
419 | retrieving revision 1.5 | |
420 | diff -u -r1.5 print.c | |
2d07cbe4 ER |
421 | --- xc/programs/xterm/print.c 5 Aug 2005 16:13:04 -0000 1.5 |
422 | +++ xc/programs/xterm/print.c 5 Jun 2006 10:35:22 -0000 | |
423 | @@ -387,9 +387,11 @@ | |
424 | dup2(fileno(stderr), 2); | |
425 | close(fileno(stderr)); | |
426 | } | |
427 | - | |
428 | - setgid(screen->gid); /* don't want privileges! */ | |
429 | - setuid(screen->uid); | |
430 | + /* don't want privileges! */ | |
431 | + if (setgid(screen->gid) == -1) | |
432 | + exit(2); | |
433 | + if (setuid(screen->uid) == -1) | |
434 | + exit(2); | |
435 | ||
436 | Printer = popen(screen->printer_command, "w"); | |
437 | input = fdopen(my_pipe[0], "r"); |