fixed severe exploitV0-3-2

author: Werner Koch <[email protected]> 1998-07-09 13:37:17 +0000
committer: Werner Koch <[email protected]> 1998-07-09 13:37:17 +0000
commit: e143f23c237e523758173e65ff8fdd2966ed938b (patch)
tree: b17a57e05ddb9680922b00a42bb5ebefe62d71cd /cipher/dynload.c
parent: fixed clearsig stuff (diff)
download: gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.tar.gz
gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/cipher/dynload.c b/cipher/dynload.c
index e22731702..a8c01f259 100644
--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@@ -22,6 +22,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 #ifdef HAVE_DL_DLOPEN
   #include <dlfcn.h>
 #endif
@@ -109,7 +110,11 @@ load_extension( EXTLIST el )
     int seq = 0;
     int class, vers;
 
+    /* make sure we are not setuid */
+    if( getuid() != geteuid() )
+	log_bug("trying to load an extension while still setuid\n");
 
+    /* now that we are not setuid anymore, we can safely load modules */
     el->handle = dlopen(el->name, RTLD_NOW);
     if( !el->handle ) {
 	log_error("%s: error loading extension: %s\n", el->name, dlerror() );
author	Werner Koch <[email protected]>	1998-07-09 13:37:17 +0000
committer	Werner Koch <[email protected]>	1998-07-09 13:37:17 +0000
commit	e143f23c237e523758173e65ff8fdd2966ed938b (patch)
tree	b17a57e05ddb9680922b00a42bb5ebefe62d71cd /cipher/dynload.c
parent	fixed clearsig stuff (diff)
download	gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.tar.gz gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.zip