From 0b2a5b574c7ffd99aa3226d36e1d261826405625 Mon Sep 17 00:00:00 2001 From: "kwc@citi.umich.edu" Date: Mon, 3 Jul 2006 18:34:21 -0400 Subject: [PATCH] Use setfsuid() rather than seteuid() while creating contexts Signed-off-by: Kevin Coffman As suggested by Olaf Kirch , use setfsuid() rather than seteuid() when creating a gss context. This prevents users from using credentials that do not belong to them, while also preventing them from doing things like killing, renicing, or changing the priority of the gssd process while it is processing the context creation. --- utils/gssd/gssd_proc.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c index 75a04f5..c268497 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -493,13 +493,13 @@ int create_auth_rpc_client(struct clnt_info *clp, /* Create the context as the user (not as root) */ save_uid = geteuid(); - if (seteuid(uid) != 0) { - printerr(0, "WARNING: Failed to seteuid for " + if (setfsuid(uid) != 0) { + printerr(0, "WARNING: Failed to setfsuid for " "user with uid %d\n", uid); goto out_fail; } - printerr(2, "creating context using euid %d (save_uid %d)\n", - geteuid(), save_uid); + printerr(2, "creating context using fsuid %d (save_uid %d)\n", + uid, save_uid); sec.qop = GSS_C_QOP_DEFAULT; sec.svc = RPCSEC_GSS_SVC_NONE; @@ -646,9 +646,9 @@ int create_auth_rpc_client(struct clnt_info *clp, gss_release_cred(&min_stat, &sec.cred); if (a != NULL) freeaddrinfo(a); /* Restore euid to original value */ - if ((save_uid != -1) && (seteuid(save_uid) != 0)) { - printerr(0, "WARNING: Failed to restore euid" - " to uid %d\n", save_uid); + if ((save_uid != -1) && (setfsuid(save_uid) != uid)) { + printerr(0, "WARNING: Failed to restore fsuid" + " to uid %d from %d\n", save_uid, uid); } return retval; -- 2.39.2