When looking for "group daemon" (since that's what's in mtree), make sure

we actually look for the *group* and not the user's gid.  user daemon
has traditionally been group 31 (guest).

Also clear out the groups vector so that it doesn't inherit the groups
of the invoking user (ever run rwhod by hand before?)  Unfortunately, we
can't empty the supplemental groups list because the !&@^#! egid is stored
in there! :-(
This commit is contained in:
Peter Wemm 1996-09-07 01:43:08 +00:00
parent 62bb21530c
commit 90ff799227
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=18092

View File

@ -66,6 +66,7 @@ static char sccsid[] = "@(#)rwhod.c 8.1 (Berkeley) 6/6/93";
#include <unistd.h> #include <unistd.h>
#include <utmp.h> #include <utmp.h>
#include <pwd.h> #include <pwd.h>
#include <grp.h>
/* /*
* This version of Berkeley's rwhod has been modified to use IP multicast * This version of Berkeley's rwhod has been modified to use IP multicast
@ -246,6 +247,7 @@ usage: fprintf(stderr, "usage: rwhod [ -m [ ttl ] ]\n");
exit(1); exit(1);
} }
setgid(unpriv_gid); setgid(unpriv_gid);
setgroups(1, &unpriv_gid); /* XXX BOGUS groups[0] = egid */
setuid(unpriv_uid); setuid(unpriv_uid);
if (!configure(s)) if (!configure(s))
exit(1); exit(1);
@ -320,6 +322,7 @@ run_as(uid, gid)
gid_t *gid; gid_t *gid;
{ {
struct passwd *pw; struct passwd *pw;
struct group *gr;
pw = getpwnam(UNPRIV_USER); pw = getpwnam(UNPRIV_USER);
if (!pw) { if (!pw) {
@ -328,12 +331,12 @@ run_as(uid, gid)
} }
*uid = pw->pw_uid; *uid = pw->pw_uid;
pw = getpwnam(UNPRIV_GROUP); gr = getgrnam(UNPRIV_GROUP);
if (!pw) { if (!gr) {
syslog(LOG_ERR, "getpwnam(%s): %m", UNPRIV_GROUP); syslog(LOG_ERR, "getgrnam(%s): %m", UNPRIV_GROUP);
exit(1); exit(1);
} }
*gid = pw->pw_gid; *gid = gr->gr_gid;
} }
/* /*