From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 6 Feb 2012 18:29:19 +0000 (-0500)
Subject: For PERM_ROOT when using setreuid(), only set the euid to 0 prior
X-Git-Tag: SUDO_1_8_4~22^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=656807823d0915a33dcd85109b822a65bf6bb480;p=sudo

For PERM_ROOT when using setreuid(), only set the euid to 0 prior
to the call to setuid(0) if the current euid is non-zero.  This
effectively restores the state of things prior to rev 7bfeb629fccb.
Fixes a problem on AIX where LDR_PRELOAD was not being honored for
the command being executed.
---

diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c
index 53c48dd3e..31e7f5f22 100644
--- a/plugins/sudoers/set_perms.c
+++ b/plugins/sudoers/set_perms.c
@@ -392,12 +392,13 @@ set_perms(int perm)
 
     case PERM_ROOT:
 	/*
-	 * setreuid(0, 0) may fail on some systems
-	 * when the euid is not already 0.
+	 * setuid(0) may fail on some systems if the euid is not already 0.
 	 */
-	if (setreuid(-1, ROOT_UID)) {
-	    errstr = "setreuid(-1, ROOT_UID)";
-	    goto bad;
+	if (ostate->euid != ROOT_UID) {
+	    if (setreuid(-1, ROOT_UID)) {
+		errstr = "setreuid(-1, ROOT_UID)";
+		goto bad;
+	    }
 	}
 	if (setuid(ROOT_UID)) {
 	    errstr = "setuid(ROOT_UID)";