Attachment #89172 for bug #135974

Lines 492-499 Link Here

(-)app/xdm/session.c (-2 / +8 lines)
492	else	492	else
493	ResetServer (d);	493	ResetServer (d);
494	if (removeAuth) {	494	if (removeAuth) {
495	setgid (verify.gid);	495	if (setgid (verify.gid) == -1) {
496	setuid (verify.uid);	496	LogError( "SessionExit: setgid: %s\n", strerror(errno));
		497	exit(status);
		498	}
		499	if (setuid (verify.uid) == -1) {
		500	LogError( "SessionExit: setuid: %s\n", strerror(errno));
		501	exit(status);
		502	}
497	RemoveUserAuthorization (d, &verify);	503	RemoveUserAuthorization (d, &verify);
498	#if defined(K5AUTH) && !defined(USE_PAM) /* PAM modules should handle this */	504	#if defined(K5AUTH) && !defined(USE_PAM) /* PAM modules should handle this */
499	/* do like "kdestroy" program */	505	/* do like "kdestroy" program */

Lines 183-189 Link Here

(-)app/xdm/xdmshell.c (-1 / +5 lines)
183	#endif	183	#endif
184		184
185	/* make xdm run in a non-setuid environment */	185	/* make xdm run in a non-setuid environment */
186	setuid (geteuid());	186	if (setuid (geteuid()) == -1) {
		187	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
		188	ProgramName, errno, strerror(errno));
		189	exit(1);
		190	}
187		191
188	/*	192	/*
189	* exec /usr/bin/X11/xdm -nodaemon -udpPort 0	193	* exec /usr/bin/X11/xdm -nodaemon -udpPort 0

Lines 16-21 Link Here

(-)app/xf86dga/dga.c (-1 / +5 lines)
16	#include <X11/Xmd.h>	16	#include <X11/Xmd.h>
17	#include <X11/extensions/xf86dga.h>	17	#include <X11/extensions/xf86dga.h>
18	#include <ctype.h>	18	#include <ctype.h>
		19	#include <errno.h>
19	#include <stdio.h>	20	#include <stdio.h>
20	#include <stdlib.h>	21	#include <stdlib.h>
21	#include <signal.h>	22	#include <signal.h>
Lines 141-147 Link Here
141		142
142	#ifndef __UNIXOS2__	143	#ifndef __UNIXOS2__
143	/* Give up root privs */	144	/* Give up root privs */
144	setuid(getuid());	145	if (setuid(getuid()) == -1) {
		146	fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
		147	exit(2);
		148	}
145	#endif	149	#endif
146		150
147	XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);	151	XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);

Lines 1-5 Link Here

(-)app/xinit/xinit.c (-2 / +5 lines)
1	/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */	1	/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */
2	/* $XdotOrg: app/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */	2	/* $XdotOrg: $ */
3		3
4	/*	4	/*
5		5
Lines 692-698 Link Here
692	startClient(char *client[])	692	startClient(char *client[])
693	{	693	{
694	if ((clientpid = vfork()) == 0) {	694	if ((clientpid = vfork()) == 0) {
695	setuid(getuid());	695	if (setuid(getuid()) == -1) {
		696	Error("cannot change uid: %s\n", strerror(errno));
		697	_exit(ERR_EXIT);
		698	}
696	setpgrp(0, getpid());	699	setpgrp(0, getpid());
697	environ = newenviron;	700	environ = newenviron;
698	#ifdef __UNIXOS2__	701	#ifdef __UNIXOS2__




 * xload - display system load average in a window
 */

#include <errno.h>
#include <stdio.h> 
#include <stdlib.h>
#include <unistd.h>

    /* For security reasons, we reset our uid/gid after doing the necessary
       system initialization and before calling any X routines. */
    InitLoadPoint();
    /* reset gid first while still (maybe) root */
    if (setgid(getgid()) == -1) {
	    fprintf(stderr, "%s: setgid failed: %s\n", 
		ProgramName, strerror(errno));
	    exit(1);
    }
    if (setuid(getuid()) == -1) {
	    fprintf(stderr, "%s: setuid failed: %s\n", 
		ProgramName, strerror(errno));
	    exit(1);
    }

    XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);


Lines 360-366 Link Here

(-)lib/xtrans/Xtranslcl.c (-2 / +11 lines)
360	uid_t saved_euid;	360	uid_t saved_euid;
361		361
362	saved_euid = geteuid();	362	saved_euid = geteuid();
363	setuid( getuid() ); / sets the euid to the actual/real uid /	363	/ sets the euid to the actual/real uid /
		364	if (setuid( getuid() ) == -1) {
		365	exit(1);
		366	}
364	if( chown( slave, saved_euid, -1 ) < 0 ) {	367	if( chown( slave, saved_euid, -1 ) < 0 ) {
365	exit( 1 );	368	exit( 1 );
366	}	369	}
Lines 369-375 Link Here
369	}	372	}
370		373
371	waitpid(saved_pid, &exitval, 0);	374	waitpid(saved_pid, &exitval, 0);
372		375	if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {
		376	close(fd);
		377	close(server);
		378	PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",
		379	slave, 0, 0);
		380	return(-1);
		381	}
373	if (chmod(slave, 0666) < 0) {	382	if (chmod(slave, 0666) < 0) {
374	close(fd);	383	close(fd);
375	close(server);	384	close(server);

Lines 1896-1902 Link Here

(-)xserver/xorg/hw/xfree86/common/xf86Init.c (-1 / +5 lines)
1896	FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));	1897	FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
1897	break;	1898	break;
1898	case 0: /* child */	1899	case 0: /* child */
1899	setuid(getuid());	1900	if (setuid(getuid()) == -1) {
		1901	xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
		1902	strerror(errno));
		1903	exit(255);
		1904	}
1900	/* set stdin, stdout to the consoleFd */	1905	/* set stdin, stdout to the consoleFd */
1901	for (i = 0; i < 2; i++) {	1906	for (i = 0; i < 2; i++) {
1902	if (xf86Info.consoleFd != i) {	1907	if (xf86Info.consoleFd != i) {

Lines 1270-1276 Link Here

(-)xserver/xorg/hw/xfree86/os-support/shared/libc_wrapper.c (-1 / +4 lines)
1270	#ifndef SELF_CONTAINED_WRAPPER	1270	#ifndef SELF_CONTAINED_WRAPPER
1271	xf86DisableIO();	1271	xf86DisableIO();
1272	#endif	1272	#endif
1273	setuid(getuid());	1273	if (setuid(getuid()) == -1) {
		1274	ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
		1275	exit(255);
		1276	}
1274	#if !defined(SELF_CONTAINED_WRAPPER)	1277	#if !defined(SELF_CONTAINED_WRAPPER)
1275	/* set stdin, stdout to the consoleFD, and leave stderr alone */	1278	/* set stdin, stdout to the consoleFD, and leave stderr alone */
1276	for (i = 0; i < 2; i++)	1279	for (i = 0; i < 2; i++)

Lines 170-176 Link Here

(-)xserver/xorg/hw/xfree86/parser/write.c (-1 / +4 lines)
170	strerror(errno));	170	strerror(errno));
171	return 0;	171	return 0;
172	case 0: /* child */	172	case 0: /* child */
173	setuid(getuid());	173	if (setuid(getuid() == -1)
		174	FatalError("xf86writeConfigFile(): "
		175	"setuid failed(%s)\n",
		176	strerror(errno));
174	ret = doWriteConfigFile(filename, cptr);	177	ret = doWriteConfigFile(filename, cptr);
175	exit(ret);	178	exit(ret);
176	break;	179	break;

Lines 1718-1725 Link Here

(-)xserver/xorg/os/utils.c (-6 / +12 lines)
1718	case -1: /* error */	1718	case -1: /* error */
1719	p = -1;	1719	p = -1;
1720	case 0: /* child */	1720	case 0: /* child */
1721	setgid(getgid());	1721	if (setgid(getgid()) == -1)
1722	setuid(getuid());	1722	_exit(127);
		1723	if (setuid(getuid()) == -1)
		1724	_exit(127);
1723	execl("/bin/sh", "sh", "-c", command, (char *)NULL);	1725	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
1724	_exit(127);	1726	_exit(127);
1725	default: /* parent */	1727	default: /* parent */
Lines 1770-1777 Link Here
1770	xfree(cur);	1772	xfree(cur);
1771	return NULL;	1773	return NULL;
1772	case 0: /* child */	1774	case 0: /* child */
1773	setgid(getgid());	1775	if (setgid(getgid()) == -1)
1774	setuid(getuid());	1776	_exit(127);
		1777	if (setuid(getuid()) == -1)
		1778	_exit(127);
1775	if (*type == 'r') {	1779	if (*type == 'r') {
1776	if (pdes[1] != 1) {	1780	if (pdes[1] != 1) {
1777	/* stdout */	1781	/* stdout */
Lines 1845-1852 Link Here
1845	xfree(cur);	1849	xfree(cur);
1846	return NULL;	1850	return NULL;
1847	case 0: /* child */	1851	case 0: /* child */
1848	setgid(getgid());	1852	if (setgid(getgid()) == -1)
1849	setuid(getuid());	1853	_exit(127);
		1854	if (setuid(getuid()) == -1)
		1855	_exit(127);
1850	if (*type == 'r') {	1856	if (*type == 'r') {
1851	if (pdes[1] != 1) {	1857	if (pdes[1] != 1) {
1852	/* stdout */	1858	/* stdout */

Return to bug 135974

Lines 34-40 Link Here

(-)app/xload/xload.c (-3 / +12 lines)
34	* xload - display system load average in a window	34	* xload - display system load average in a window
35	*/	35	*/
36		36
37		37	#include <errno.h>
38	#include <stdio.h>	38	#include <stdio.h>
39	#include <stdlib.h>	39	#include <stdlib.h>
40	#include <unistd.h>	40	#include <unistd.h>
Lines 162-169 Link Here
162	/* For security reasons, we reset our uid/gid after doing the necessary	162	/* For security reasons, we reset our uid/gid after doing the necessary
163	system initialization and before calling any X routines. */	163	system initialization and before calling any X routines. */
164	InitLoadPoint();	164	InitLoadPoint();
165	setgid(getgid()); /* reset gid first while still (maybe) root */	165	/* reset gid first while still (maybe) root */
166	setuid(getuid());	166	if (setgid(getgid()) == -1) {
		167	fprintf(stderr, "%s: setgid failed: %s\n",
		168	ProgramName, strerror(errno));
		169	exit(1);
		170	}
		171	if (setuid(getuid()) == -1) {
		172	fprintf(stderr, "%s: setuid failed: %s\n",
		173	ProgramName, strerror(errno));
		174	exit(1);
		175	}
167		176
168	XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);	177	XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
169		178