Remove PERM_FULL_USER (which is no longer used) and add PERM_FULL_ROOT

(used when exec'ing the mailer).

diff --git a/set_perms.c b/set_perms.c
index 428fd986430fbe4ea7d7e1049728afb733d1cbf3..d18c7147ebbcd5ebd596bbe707dde0030fa2656f 100644 (file)
--- a/set_perms.c
+++ b/set_perms.c
@@ -93,19 +93,20 @@ set_perms_posix(perm, sudo_mode)
                                if (seteuid(0))
                                    fatal("seteuid(0)");
                                break;
+
+       case PERM_FULL_ROOT:
+                               /* headed for exec() */
+                               (void) seteuid(0);
+                               if (setuid(0))
+                                   fatal("setuid(0)");
+                               break;
+
        case PERM_USER:
                                (void) setegid(user_gid);
                                if (seteuid(user_uid))
                                    fatal("seteuid(user_uid)");
                                break;
                                
-       case PERM_FULL_USER:
-                               /* headed for exec() */
-                               (void) setgid(user_gid);
-                               if (setuid(user_uid))
-                                   fatal("setuid(user_uid)");
-                               break;
-
        case PERM_RUNAS:
                                /* headed for exec(), assume euid == 0 */
                                runas_setup();
@@ -155,25 +156,18 @@ set_perms_fallback(perm, sudo_mode)
     int error;
 
     switch (perm) {
+       case PERM_FULL_ROOT:
        case PERM_ROOT:
                                if (setuid(0))
                                    fatal("setuid(0)");
                                break;
+
        case PERM_USER:
                                (void) setegid(user_gid);
                                if (setreuid(0, user_uid))
                                    fatal("setreuid(0, user_uid)");
                                break;
                                
-       case PERM_FULL_USER:
-                               /* headed for exec() */
-                               (void) setgid(user_gid);
-                               if (setuid(user_uid)) {
-                                   fatal("setuid(user_uid)");
-                                   exit(1);
-                               }
-                               break;
-
        case PERM_RUNAS:
                                /* headed for exec(), assume euid == 0 */
                                runas_setup();
@@ -234,13 +228,6 @@ set_perms_fallback(perm, sudo_mode)
                                    fatal("seteuid(user_uid)");
                                break;
                                
-       case PERM_FULL_USER:
-                               /* headed for exec() */
-                               (void) setgid(user_gid);
-                               if (setuid(user_uid))
-                                   fatal("setuid(user_uid)");
-                               break;
-
        case PERM_RUNAS:
                                /* headed for exec(), assume euid == 0 */
                                runas_setup();

diff --git a/sudo.h b/sudo.h
index 062355ebd34892cb3a3b89ec4af73d35532eb98b..2d45dbc48ddc7cdfce432c92b9b4b6ea37080b42 100644 (file)
--- a/sudo.h
+++ b/sudo.h
@@ -111,8 +111,8 @@ struct sudo_user {
  * Used with set_perms()
  */
 #define PERM_ROOT                0x00
-#define PERM_USER                0x01
-#define PERM_FULL_USER           0x02
+#define PERM_FULL_ROOT           0x01
+#define PERM_USER                0x02
 #define PERM_SUDOERS             0x03
 #define PERM_RUNAS              0x04