diff options
| author | Werner Koch <[email protected]> | 2000-06-08 18:08:06 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2000-06-08 18:08:06 +0000 |
| commit | bf2ace8a83718da3e6bcc201db2a49844b5a3a22 (patch) | |
| tree | 66859c2bb4c390e2e8d0e2657f11913ddc6cdca2 | |
| parent | See ChangeLog: Wed Jun 7 19:19:09 CEST 2000 Werner Koch (diff) | |
| download | gnupg-bf2ace8a83718da3e6bcc201db2a49844b5a3a22.tar.gz gnupg-bf2ace8a83718da3e6bcc201db2a49844b5a3a22.zip | |
See ChangeLog: Thu Jun 8 20:22:00 CEST 2000 Werner Koch
| -rw-r--r-- | util/ChangeLog | 4 | ||||
| -rw-r--r-- | util/secmem.c | 6 |
2 files changed, 8 insertions, 2 deletions
diff --git a/util/ChangeLog b/util/ChangeLog index c6d64aa6a..48d216e74 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,7 @@ +Thu Jun 8 20:22:00 CEST 2000 Werner Koch <[email protected]> + + * secmem.c (lock_pool,secmem_init): Additional check for dropped privs. + Tue May 30 16:37:55 CEST 2000 Werner Koch <[email protected]> * iobuf.c (iobuf_cancel): Fix for MSDOS. diff --git a/util/secmem.c b/util/secmem.c index 54836cbcf..8b80370c1 100644 --- a/util/secmem.c +++ b/util/secmem.c @@ -128,7 +128,9 @@ lock_pool( void *p, size_t n ) #endif if( uid && !geteuid() ) { - if( setuid( uid ) || getuid() != geteuid() ) + /* check that we really dropped the privs. + * Note: setuid(0) should always fail */ + if( setuid( uid ) || getuid() != geteuid() || !setuid(0) ) log_fatal("failed to reset uid: %s\n", strerror(errno)); } @@ -260,7 +262,7 @@ secmem_init( size_t n ) disable_secmem=1; uid = getuid(); if( uid != geteuid() ) { - if( setuid( uid ) || getuid() != geteuid() ) + if( setuid( uid ) || getuid() != geteuid() || !setuid(0) ) log_fatal("failed to drop setuid\n" ); } #endif |