Attachment #42647 for bug #69054

View | Details | Raw Unified | Return to bug 69054
Collapse All | Expand All

Lines 1-7 Link Here

(-)work/tftp-hpa-0.34/Makefile (-1 / +1 lines)
1	# You can do "make SUB=blah" to make only a few, or edit here, or both	1	# You can do "make SUB=blah" to make only a few, or edit here, or both
2	# You can also run make directly in the subdirs you want.	2	# You can also run make directly in the subdirs you want.
3		3
4	SUB = lib tftp tftpd	4	SUB = lib tftpd
5		5
6	%.build: MCONFIG acconfig.h version.h	6	%.build: MCONFIG acconfig.h version.h
7	$(MAKE) -C $(patsubst %.build, %, $@)	7	$(MAKE) -C $(patsubst %.build, %, $@)





  /* Set up the supplementary group access list if possible */
  /* /etc/group still need to be accessible at this point */
  if (! (getgid() && getegid() && getuid() && geteuid()) ) { /* root */
#ifdef HAVE_INITGROUPS
  setrv = initgroups(user, pw->pw_gid);
  if ( setrv ) {

  }
#endif
#endif
  } /* root */

  /* Chroot and drop privileges */
  if (secure) {

#endif
  }

  if (! (getgid() && getegid() && getuid() && geteuid()) ) { /* root */
#if 0 /* def HAVE_SETREGID does not work */
  setrv = setregid(pw->pw_gid, pw->pw_gid);
#else
  setrv = setegid(pw->pw_gid) || setgid(pw->pw_gid);
#endif
  
#if 0 /* def HAVE_SETREUID does not work*/
  setrv = setrv || setreuid(pw->pw_uid, pw->pw_uid);
#else
  /* Important: setuid() must come first */

    syslog(LOG_ERR, "cannot drop privileges: %m");
    exit(EX_OSERR);
  }
  } /* root */
  
  /* Other basic setup */
  from.sin_family = AF_INET;

Return to bug 69054

Lines 619-624 Link Here

(-)work/tftp-hpa-0.34/tftpd/tftpd.c (-2 / +6 lines)
619		619
620	/* Set up the supplementary group access list if possible */	620	/* Set up the supplementary group access list if possible */
621	/* /etc/group still need to be accessible at this point */	621	/* /etc/group still need to be accessible at this point */
		622	if (! (getgid() && getegid() && getuid() && geteuid()) ) { /* root */
622	#ifdef HAVE_INITGROUPS	623	#ifdef HAVE_INITGROUPS
623	setrv = initgroups(user, pw->pw_gid);	624	setrv = initgroups(user, pw->pw_gid);
624	if ( setrv ) {	625	if ( setrv ) {
Lines 632-637 Link Here
632	}	633	}
633	#endif	634	#endif
634	#endif	635	#endif
		636	} /* root */
635		637
636	/* Chroot and drop privileges */	638	/* Chroot and drop privileges */
637	if (secure) {	639	if (secure) {
Lines 644-656 Link Here
644	#endif	646	#endif
645	}	647	}
646		648
647	#ifdef HAVE_SETREGID	649	if (! (getgid() && getegid() && getuid() && geteuid()) ) { /* root */
		650	#if 0 /* def HAVE_SETREGID does not work */
648	setrv = setregid(pw->pw_gid, pw->pw_gid);	651	setrv = setregid(pw->pw_gid, pw->pw_gid);
649	#else	652	#else
650	setrv = setegid(pw->pw_gid) \|\| setgid(pw->pw_gid);	653	setrv = setegid(pw->pw_gid) \|\| setgid(pw->pw_gid);
651	#endif	654	#endif
652		655
653	#ifdef HAVE_SETREUID	656	#if 0 /* def HAVE_SETREUID does not work*/
654	setrv = setrv \|\| setreuid(pw->pw_uid, pw->pw_uid);	657	setrv = setrv \|\| setreuid(pw->pw_uid, pw->pw_uid);
655	#else	658	#else
656	/* Important: setuid() must come first */	659	/* Important: setuid() must come first */
Lines 662-667 Link Here
662	syslog(LOG_ERR, "cannot drop privileges: %m");	665	syslog(LOG_ERR, "cannot drop privileges: %m");
663	exit(EX_OSERR);	666	exit(EX_OSERR);
664	}	667	}
		668	} /* root */
665		669
666	/* Other basic setup */	670	/* Other basic setup */
667	from.sin_family = AF_INET;	671	from.sin_family = AF_INET;