20010226
- (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
+ - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
+ Based on patch from Tim Rice <tim@multitalents.net>
20010225
- (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile
/* Define if X11 doesn't support AF_UNIX sockets on that system */
#undef NO_X11_UNIX_SOCKETS
+/* Needed for SCO and NeXT */
+#undef SAVED_IDS_WORK_WITH_SETEUID
+
@BOTTOM@
/* ******************* Shouldn't need to edit below this line ************** */
AC_DEFINE(HAVE_NEXT)
AC_DEFINE(BROKEN_REALPATH)
AC_DEFINE(USE_PIPES)
+ AC_DEFINE(SAVED_IDS_WORK_WITH_SETEUID)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
CFLAGS="$CFLAGS"
;;
AC_DEFINE(HAVE_SCO_PROTECTED_PW)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H)
+ AC_DEFINE(SAVED_IDS_WORK_WITH_SETEUID)
AC_CHECK_FUNCS(getluid setluid)
;;
*-*-sco3.2v5*)
AC_DEFINE(HAVE_SCO_PROTECTED_PW)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H)
+ AC_DEFINE(SAVED_IDS_WORK_WITH_SETEUID)
AC_CHECK_FUNCS(getluid setluid)
;;
*-dec-osf*)
prng_seed_saved = 0;
/* Give up privs while reading seed file */
+#ifdef SAVED_IDS_WORK_WITH_SETEUID
if ((original_uid != original_euid) && (seteuid(original_uid) == -1))
fatal("Couldn't give up privileges");
+#else /* SAVED_IDS_WORK_WITH_SETEUID */
+ /*
+ * Propagate the privileged uid to all of our uids.
+ * Set the effective uid to the given (unprivileged) uid.
+ */
+ if (original_uid != original_euid && setuid(original_euid) == -1 ||
+ seteuid(original_uid) == -1)
+ fatal("Couldn't give up privileges");
+#endif /* SAVED_IDS_WORK_WITH_SETEUID */
prng_read_seedfile();
+#ifdef SAVED_IDS_WORK_WITH_SETEUID
if ((original_uid != original_euid) && (seteuid(original_euid) == -1))
fatal("Couldn't restore privileges");
+#else /* SAVED_IDS_WORK_WITH_SETEUID */
+ /*
+ * We are unable to restore the real uid to its unprivileged value.
+ * Propagate the real uid (usually more privileged) to effective uid
+ * as well.
+ */
+ if (original_uid != original_euid && seteuid(original_euid) == -1 ||
+ setuid(original_uid) == -1)
+ fatal("Couldn't restore privileges");
+#endif /* SAVED_IDS_WORK_WITH_SETEUID */
fatal_add_cleanup(prng_seed_cleanup, NULL);
atexit(prng_write_seedfile);