From 9b533614e1886b9ea92fb0c14fd7a5d3ebdcd9f3 Mon Sep 17 00:00:00 2001 From: thib Date: Mon, 20 Aug 2001 20:01:43 +0000 Subject: [PATCH] we now use USE_SETE_ID to determine if we should use sete?id() funcs --- config.h.in | 5 ++++- configure.in | 51 ++++++++++++++++++++++++++------------------------- fcrontab.c | 18 +++++++++--------- 3 files changed, 39 insertions(+), 35 deletions(-) diff --git a/config.h.in b/config.h.in index 2ea1acf..fa0af41 100644 --- a/config.h.in +++ b/config.h.in @@ -21,7 +21,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: config.h.in,v 1.35 2001-08-17 19:48:18 thib Exp $ */ + /* $Id: config.h.in,v 1.36 2001-08-20 20:02:53 thib Exp $ */ /* *********************************************************** */ @@ -157,6 +157,9 @@ /* 1 if you want foreground mode by default */ #undef FOREGROUND +/* Define if we should use sete[ug]id() funcs */ +#undef USE_SETE_ID + /* username to run under */ #undef USERNAME diff --git a/configure.in b/configure.in index 9547494..ebfa02a 100644 --- a/configure.in +++ b/configure.in @@ -555,10 +555,8 @@ ROOTGROUP="$rootgroup" AC_SUBST(ROOTGROUP) AC_DEFINE_UNQUOTED(ROOTGROUP, "$rootgroup") -if test \( $seteuid -eq 0 \) -o \( $setegid -eq 0 \) ; then - username="$rootname" - groupname="$rootgroup" -else +username="$rootname" +groupname="$rootgroup" AC_MSG_CHECKING(username to run fcrontab under) AC_ARG_WITH(username, @@ -570,27 +568,32 @@ AC_ARG_WITH(username, yes) if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then username=fcron - AC_MSG_RESULT(fcron) - else - AC_MSG_RESULT(root) fi + AC_MSG_RESULT($username) ;; *) if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then - username="$withval"; - AC_MSG_RESULT($withval) + username="$withval"; + AC_MSG_RESULT($username) + if test "$withval" = "$rootname"; then + AC_MSG_WARN([ + +Beware that running fcrontab setuid root is not very secure. You should use +another user name if possible. +]) + seteuid=0 + setegid=0 + fi else - AC_MSG_RESULT(root) - AC_MSG_WARN(username must be root as your system has no seteuid) + AC_MSG_RESULT($username) + AC_MSG_WARN(username must be $rootname as your system has no seteuid) fi ;; esac ], if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then username=fcron - AC_MSG_RESULT(fcron) - else - AC_MSG_RESULT(root) fi + AC_MSG_RESULT($username) ) AC_MSG_CHECKING(groupname to run fcrontab under) @@ -603,31 +606,25 @@ AC_ARG_WITH(groupname, yes) if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then groupname=fcron - AC_MSG_RESULT(fcron) - else - AC_MSG_RESULT(root) fi + AC_MSG_RESULT($groupname) ;; *) if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then groupname="$withval"; - AC_MSG_RESULT($withval) + AC_MSG_RESULT($groupname) else - AC_MSG_RESULT(root) - AC_MSG_WARN(groupname must be root as your system has no setegid) + AC_MSG_RESULT($groupname) + AC_MSG_WARN(groupname must be $rootgroup as username is $username) fi ;; esac ], if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then groupname=fcron - AC_MSG_RESULT(fcron) - else - AC_MSG_RESULT(root) fi + AC_MSG_RESULT($groupname) ) -fi - USERNAME="$username" AC_SUBST(USERNAME) AC_DEFINE_UNQUOTED(USERNAME, "$username") @@ -635,6 +632,10 @@ GROUPNAME="$groupname" AC_SUBST(GROUPNAME) AC_DEFINE_UNQUOTED(GROUPNAME, "$groupname") +if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then + AC_DEFINE(USE_SETE_ID) +fi + dnl We set exec_prefix to $prefix (also done in Makefile) exec_prefix=$prefix BINDIREX=`eval echo $bindir` diff --git a/fcrontab.c b/fcrontab.c index 014814c..8c3636a 100644 --- a/fcrontab.c +++ b/fcrontab.c @@ -22,7 +22,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: fcrontab.c,v 1.46 2001-08-17 19:40:46 thib Exp $ */ + /* $Id: fcrontab.c,v 1.47 2001-08-20 20:01:43 thib Exp $ */ /* * The goal of this program is simple : giving a user interface to fcron @@ -42,7 +42,7 @@ #include "fcrontab.h" -char rcs_info[] = "$Id: fcrontab.c,v 1.46 2001-08-17 19:40:46 thib Exp $"; +char rcs_info[] = "$Id: fcrontab.c,v 1.47 2001-08-20 20:01:43 thib Exp $"; void info(void); void usage(void); @@ -171,7 +171,7 @@ copy(char *orig, char *dest) /* create it as fcrontab_uid (to avoid problem if user's uid changed) * except for root. Root requires filesystem uid root for security * reasons */ -#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID) +#ifdef USE_SETE_ID if (asuid != 0 && seteuid(fcrontab_uid) != 0) error_e("seteuid(fcrontab_uid[%d])", fcrontab_uid); #endif @@ -179,7 +179,7 @@ copy(char *orig, char *dest) error_e("copy: dest"); return ERR; } -#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID) +#ifdef USE_SETE_ID if (asuid != 0 && seteuid(uid) != 0) die_e("seteuid(uid[%d])", uid); #endif @@ -222,7 +222,7 @@ remove_fcrontab(char rm_orig) error_e("could not remove %s", buf); } -#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID) +#ifdef USE_SETE_ID if (seteuid(fcrontab_uid) != 0) error_e("seteuid(fcrontab_uid[%d])", fcrontab_uid); #endif @@ -240,7 +240,7 @@ remove_fcrontab(char rm_orig) need_sig = 1; -#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID) +#ifdef USE_SETE_ID if (seteuid(uid) != 0) die_e("seteuid(uid[%d])", uid); #endif @@ -366,7 +366,7 @@ edit_file(char *buf) error_e("could not fdopen"); goto exiterr; } -#if ! (defined(HAVE_SETEGID) && defined(HAVE_SETEUID)) +#ifndef USE_SETE_ID if (fchown(file, asuid, asgid) != 0) { error_e("Could not fchown %s to asuid and asgid", tmp_str); goto exiterr; @@ -436,7 +436,7 @@ edit_file(char *buf) goto exiterr; } -#if ! (defined(HAVE_SETEGID) && defined(HAVE_SETEUID)) +#ifndef USE_SETE_ID /* we have chown the tmp file to user's name : user may have * linked the tmp file to a file owned by root. In that case, as * fcrontab is setuid root, user may read some informations he is not @@ -769,7 +769,7 @@ main(int argc, char **argv) /* interpret command line options */ parseopt(argc, argv); -#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID) +#ifdef USE_SETE_ID { struct passwd *pass; if ( ! (pass = getpwnam(USERNAME)) ) -- 2.49.0