From e066ff5caf5ef705426c5b6cd4cb35d932cbc11e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 6 Feb 2012 15:46:17 -0500
Subject: [PATCH] More complete fix for LDR_PRELOAD on AIX.  The addition of
 set_perm(PERM_ROOT) before calling the nss open functions (needed to avoid a
 GNU TLS bug) also broke LDR_PRELOAD.  Setting the effective and then real uid
 to 0 for PERM_ROOT works around the issue.

---
 plugins/sudoers/set_perms.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c
index 31e7f5f22..0cadc88f0 100644
--- a/plugins/sudoers/set_perms.c
+++ b/plugins/sudoers/set_perms.c
@@ -392,7 +392,7 @@ set_perms(int perm)
 
     case PERM_ROOT:
 	/*
-	 * setuid(0) may fail on some systems if the euid is not already 0.
+	 * setreuid(0, 0) may fail on some systems if euid is not already 0.
 	 */
 	if (ostate->euid != ROOT_UID) {
 	    if (setreuid(-1, ROOT_UID)) {
@@ -400,12 +400,12 @@ set_perms(int perm)
 		goto bad;
 	    }
 	}
-	if (setuid(ROOT_UID)) {
-	    errstr = "setuid(ROOT_UID)";
+	state->euid = ROOT_UID;
+	if (setreuid(ID(ruid), -1)) {
+	    errstr = "setreuid(ROOT_UID, -1)";
 	    goto bad;
 	}
 	state->ruid = ROOT_UID;
-	state->euid = ROOT_UID;
 	state->rgid = -1;
 	state->egid = -1;
 	state->grlist = ostate->grlist;
-- 
2.40.0