Gentoo Attachment #89174 for bug #135974

View | Details | Raw Unified
Collapse All | Expand All

(-) xc/config/util/chownxterm.c (-4 / +8 lines)

Lines 41-48	Link Here

void help()

void help()

    setgid(getgid());

    if (setgid(getgid()) == -1)

    setuid(getuid());

	exit(1);

    if (setuid(getuid()) == -1)

	exit(1);

    printf("chown-xterm makes %s suid root\n", XTERM_PATH);

    printf("chown-xterm makes %s suid root\n", XTERM_PATH);

    printf("This is necessary on Ultrix for /dev/tty operation.\n");

    printf("This is necessary on Ultrix for /dev/tty operation.\n");

    exit(0);

    exit(0);

Lines 51-58	Link Here

void print_error(err_string)

void print_error(err_string)

    char *err_string;

    char *err_string;

    setgid(getgid());

    if (setgid(getgid()) == -1)

    setuid(getuid());

	exit(1);

    if (setuid(getuid()) == -1)

	exit(1);

    fprintf(stderr, "%s: \"%s\"", prog_name, err_string);

    fprintf(stderr, "%s: \"%s\"", prog_name, err_string);

    perror(" failed");

    perror(" failed");

    exit(1);

    exit(1);

(-) xc/lib/X11/lcFile.c (-1 / +5 lines)

Lines 269-275	Link Here

	    if (seteuid(0) != 0) {

	    if (seteuid(0) != 0) {

		priv = 0;

		priv = 0;

	    } else {

	    } else {

		seteuid(oldeuid);

		if (seteuid(oldeuid) == -1) {

		    /* XXX ouch, coudn't get back to original uid

		     what can we do ??? */

		    _exit(127);

		priv = 1;

		priv = 1;

#endif

#endif

(-) xc/lib/xtrans/Xtranslcl.c (-2 / +11 lines)

Lines 360-366	Link Here

	uid_t       saved_euid;

	uid_t       saved_euid;

	saved_euid = geteuid();

	saved_euid = geteuid();

	setuid( getuid() ); /** sets the euid to the actual/real uid **/

	/** sets the euid to the actual/real uid **/

	if (setuid( getuid() ) == -1) {

		exit(1);

	if( chown( slave, saved_euid, -1 ) < 0 ) {

	if( chown( slave, saved_euid, -1 ) < 0 ) {

		exit( 1 );

		exit( 1 );

Lines 369-375	Link Here

    waitpid(saved_pid, &exitval, 0);

    waitpid(saved_pid, &exitval, 0);

    if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {

	close(fd);

	close(server);

	PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",

	      slave, 0, 0);

	return(-1);

    if (chmod(slave, 0666) < 0) {

    if (chmod(slave, 0666) < 0) {

	close(fd);

	close(fd);

	close(server);

	close(server);

(-) xc/programs/Xserver/hw/xfree86/common/xf86Init.c (-2 / +6 lines)

Lines 1-5	Link Here

/* $XFree86: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 3.212 2004/01/27 01:31:45 dawes Exp $ */

/* $XFree86: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 3.212 2004/01/27 01:31:45 dawes Exp $ */

/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005-12-14 20:12:00 ajax Exp $ */

/* $XdotOrg: xc/programs/Xserver/hw/xfree86/common/xf86Init.c,v 1.29 2005/12/14 20:12:00 ajax Exp $ */

/*

/*

 * Loosely based on code bearing the following copyright:

 * Loosely based on code bearing the following copyright:

Lines 1905-1911	Link Here

          FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));

          FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));

          break;

          break;

      case 0:  /* child */

      case 0:  /* child */

          setuid(getuid());

	  if (setuid(getuid()) == -1) {

	      xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",

			 strerror(errno));

	      exit(255);

          /* set stdin, stdout to the consoleFd */

          /* set stdin, stdout to the consoleFd */

          for (i = 0; i < 2; i++) {

          for (i = 0; i < 2; i++) {

            if (xf86Info.consoleFd != i) {

            if (xf86Info.consoleFd != i) {

(-) xc/programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c (-1 / +4 lines)

Lines 1270-1276	Link Here

#ifndef SELF_CONTAINED_WRAPPER

#ifndef SELF_CONTAINED_WRAPPER

	xf86DisableIO();

	xf86DisableIO();

#endif

#endif

        setuid(getuid());

        if (setuid(getuid()) == -1) {

		ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));

		exit(255);

#if !defined(SELF_CONTAINED_WRAPPER)

#if !defined(SELF_CONTAINED_WRAPPER)

        /* set stdin, stdout to the consoleFD, and leave stderr alone */

        /* set stdin, stdout to the consoleFD, and leave stderr alone */

        for (i = 0; i < 2; i++)

        for (i = 0; i < 2; i++)

(-) xc/programs/Xserver/hw/xfree86/parser/write.c (-1 / +4 lines)

Lines 170-176	Link Here

					strerror(errno));

					strerror(errno));

			return 0;

			return 0;

		case 0: /* child */

		case 0: /* child */

			setuid(getuid());

			if (setuid(getuid() == -1)

			    FatalError("xf86writeConfigFile(): "

				"setuid failed(%s)\n",

				strerror(errno));

			ret = doWriteConfigFile(filename, cptr);

			ret = doWriteConfigFile(filename, cptr);

			exit(ret);

			exit(ret);

			break;

			break;

(-) xc/programs/Xserver/os/utils.c (-7 / +13 lines)

Lines 1-4	Link Here

/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005-11-08 06:33:30 jkj Exp $ */

/* $XdotOrg: xc/programs/Xserver/os/utils.c,v 1.21 2005/11/08 06:33:30 jkj Exp $ */

/* $Xorg: utils.c,v 1.5 2001/02/09 02:05:24 xorgcvs Exp $ */

/* $Xorg: utils.c,v 1.5 2001/02/09 02:05:24 xorgcvs Exp $ */

/*

/*

Lines 1718-1725	Link Here

    case -1:	/* error */

    case -1:	/* error */

	p = -1;

	p = -1;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	execl("/bin/sh", "sh", "-c", command, (char *)NULL);

	execl("/bin/sh", "sh", "-c", command, (char *)NULL);

	_exit(127);

	_exit(127);

    default:	/* parent */

    default:	/* parent */

Lines 1770-1777	Link Here

	xfree(cur);

	xfree(cur);

	return NULL;

	return NULL;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	if (*type == 'r') {

	if (*type == 'r') {

	    if (pdes[1] != 1) {

	    if (pdes[1] != 1) {

		/* stdout */

		/* stdout */

Lines 1845-1852	Link Here

	xfree(cur);

	xfree(cur);

	return NULL;

	return NULL;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	if (*type == 'r') {

	if (*type == 'r') {

	    if (pdes[1] != 1) {

	    if (pdes[1] != 1) {

		/* stdout */

		/* stdout */

(-) xc/programs/xdm/session.c (-3 / +9 lines)

Lines 1-4	Link Here

/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005-11-08 06:33:31 jkj Exp $ */

/* $XdotOrg: xc/programs/xdm/session.c,v 1.3 2005/11/08 06:33:31 jkj Exp $ */

/* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */

/* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */

/*

/*

Lines 488-495	Link Here

    else

    else

	ResetServer (d);

	ResetServer (d);

    if (removeAuth) {

    if (removeAuth) {

	setgid (verify.gid);

	if (setgid (verify.gid) == -1) {

	setuid (verify.uid);

	    LogError( "SessionExit: setgid: %s\n", strerror(errno));

	    exit(status);

	if (setuid (verify.uid) == -1) {

	    LogError( "SessionExit: setuid: %s\n", strerror(errno));

	    exit(status);

	RemoveUserAuthorization (d, &verify);

	RemoveUserAuthorization (d, &verify);

#ifdef K5AUTH

#ifdef K5AUTH

	/* do like "kdestroy" program */

	/* do like "kdestroy" program */

(-) xc/programs/xdm/xdmshell.c (-1 / +5 lines)

Lines 183-189	Link Here

#endif

#endif

    /* make xdm run in a non-setuid environment */

    /* make xdm run in a non-setuid environment */

    setuid (geteuid());

    if (setuid (geteuid()) == -1) {

	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",

		ProgramName, errno, strerror(errno));

	exit(1);

/*

/*

     * exec /usr/bin/X11/xdm -nodaemon -udpPort 0

     * exec /usr/bin/X11/xdm -nodaemon -udpPort 0

(-) xc/programs/xf86dga/dga.c (-1 / +5 lines)

Lines 16-21	Link Here

#include <X11/Xmd.h>

#include <X11/Xmd.h>

#include <X11/extensions/xf86dga.h>

#include <X11/extensions/xf86dga.h>

#include <ctype.h>

#include <ctype.h>

#include <errno.h>

#include <stdio.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdlib.h>

#include <signal.h>

#include <signal.h>

Lines 141-147	Link Here

#ifndef __UNIXOS2__

#ifndef __UNIXOS2__

   /* Give up root privs */

   /* Give up root privs */

   setuid(getuid());

   if (setuid(getuid()) == -1) {

      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));

      exit(2);

#endif

#endif

   XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);

   XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);

(-) xc/programs/xinit/xinit.c (-2 / +5 lines)

Lines 1-5	Link Here

/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */

/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */

/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */

/* $XdotOrg: xc/programs/xinit/xinit.c,v 1.4 2005/10/04 01:27:34 ajax Exp $ */

/*

/*

Lines 692-698	Link Here

startClient(char *client[])

startClient(char *client[])

	if ((clientpid = vfork()) == 0) {

	if ((clientpid = vfork()) == 0) {

		setuid(getuid());

		if (setuid(getuid()) == -1) {

			Error("cannot change uid: %s\n", strerror(errno));

			_exit(ERR_EXIT);

		setpgrp(0, getpid());

		setpgrp(0, getpid());

		environ = newenviron;

		environ = newenviron;

#ifdef __UNIXOS2__

#ifdef __UNIXOS2__

(-) xc/programs/xload/xload.c (-3 / +12 lines)

Lines 34-40	Link Here

 * xload - display system load average in a window

 * xload - display system load average in a window

*/

*/

#include <errno.h>

#include <stdio.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdlib.h>

#include <unistd.h>

#include <unistd.h>

Lines 162-169	Link Here

    /* For security reasons, we reset our uid/gid after doing the necessary

    /* For security reasons, we reset our uid/gid after doing the necessary

       system initialization and before calling any X routines. */

       system initialization and before calling any X routines. */

    InitLoadPoint();

    InitLoadPoint();

    setgid(getgid());		/* reset gid first while still (maybe) root */

    /* reset gid first while still (maybe) root */

    setuid(getuid());

    if (setgid(getgid()) == -1) {

	    fprintf(stderr, "%s: setgid failed: %s\n",

		ProgramName, strerror(errno));

	    exit(1);

    if (setuid(getuid()) == -1) {

	    fprintf(stderr, "%s: setuid failed: %s\n",

		ProgramName, strerror(errno));

	    exit(1);

    XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);

    XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);

(-) xc/programs/xterm/main.c (-4 / +14 lines)

Lines 1592-1599	Link Here

    Window winToEmbedInto = None;

    Window winToEmbedInto = None;

#ifdef DISABLE_SETUID

#ifdef DISABLE_SETUID

    seteuid(getuid());

    if (seteuid(getuid()) == -1)

    setuid(getuid());

	    exit(2);

    if (setuid(getuid()) == -1)

	    exit(2);

#endif

#endif

    ProgramName = argv[0];

    ProgramName = argv[0];

Lines 1619-1626	Link Here

#if defined(USE_UTMP_SETGID)

#if defined(USE_UTMP_SETGID)

    get_pty(NULL, NULL);

    get_pty(NULL, NULL);

    seteuid(getuid());

    if (seteuid(getuid()) == -1) {

    setuid(getuid());

           fprintf(stderr,

               "%s: unable to change back euid\n", ProgramName);

           exit(1);

    if (setuid(getuid()) == -1) {

           fprintf(stderr,

               "%s: unable to change back uid\n", ProgramName);

           exit(1);

#define get_pty(pty, from) really_get_pty(pty, from)

#define get_pty(pty, from) really_get_pty(pty, from)

#endif

#endif

(-) xc/programs/xterm/misc.c (-4 / +8 lines)

Lines 1094-1101	Link Here

    pid = fork();

    pid = fork();

    switch (pid) {

    switch (pid) {

    case 0:			/* child */

    case 0:			/* child */

	setgid(gid);

	if (setgid(gid) == -1)

	setuid(uid);

	    _exit(ERROR_SETUID);

	if (setuid(uid) == -1)

	    _exit(ERROR_SETUID);

	fd = open(pathname,

	fd = open(pathname,

		  O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL),

		  O_WRONLY | O_CREAT | (append ? O_APPEND : O_EXCL),

		  mode);

		  mode);

Lines 1262-1269	Link Here

	    signal(SIGCHLD, SIG_DFL);

	    signal(SIGCHLD, SIG_DFL);

	    /* (this is redundant) */

	    /* (this is redundant) */

	    setgid(screen->gid);

	    if (setgid(screen->gid) == -1)

	    setuid(screen->uid);

		exit(ERROR_SETUID);

	    if (setuid(screen->uid) == -1)

		exit(ERROR_SETUID);

	    execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);

	    execl(shell, shell, "-c", &screen->logfile[1], (void *) 0);

(-) xc/programs/xterm/print.c (-3 / +5 lines)

Lines 387-395	Link Here

		dup2(fileno(stderr), 2);

		dup2(fileno(stderr), 2);

		close(fileno(stderr));

		close(fileno(stderr));

	    /* don't want privileges! */

	    setgid(screen->gid);	/* don't want privileges! */

	    if (setgid(screen->gid) == -1)

	    setuid(screen->uid);

		    exit(2);

	    if (setuid(screen->uid) == -1)

		    exit(2);

	    Printer = popen(screen->printer_command, "w");

	    Printer = popen(screen->printer_command, "w");

	    input = fdopen(my_pipe[0], "r");

	    input = fdopen(my_pipe[0], "r");

Attachment #89174: Monolith 6.9 for bug #135974