If set_perms == set_perms_posix and the stay_setuid flag is not

author Todd C. Miller <Todd.Miller@courtesan.com>

Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)
diff --git a/sudo.c b/sudo.c

index 7249d535f45e165d9ef2b2c31326dedd6828b87e..6313aed9b8fec02b64467d3a5ff1c8333090ba48 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -255,6 +255,21 @@ main(argc, argv, envp)
      /* Validate the user but don't search for pseudo-commands. */
      validated = sudoers_lookup(pwflag);
  
+    /*
+     * If we have POSIX saved uids and the stay_setuid flag was not set,
+     * set the real, effective and saved uids to 0 and use set_perms_fallback()
+     * instead of set_perms_posix().
+     */
+#if defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
+    if (!def_flag(I_STAY_SETUID) && set_perms == set_perms_posix) {
+       if (setuid(0)) {
+           perror("setuid(0)");
+           exit(1);
+       }
+       set_perms = set_perms_fallback;
+    }
+#endif
+
      /*
       * Look up runas user passwd struct.  If we are given a uid then
       * there may be no corresponding passwd(5) entry (which is OK).
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Sun, 13 Jan 2002 18:29:23 +0000 (18:29 +0000)