From fe19bcc7c14cfdccee92039d006878b965aacf8e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Wed, 29 Mar 1995 22:59:47 +0000
Subject: [PATCH] now do set_perms(PERM_ROOT) before the getpwuid() in
 load_global() to work around a problem is trusted hpux shadow passwords.
 yuck.

---
 sudo.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sudo.c b/sudo.c
index c45833850..3d7397651 100644
--- a/sudo.c
+++ b/sudo.c
@@ -276,6 +276,7 @@ static void load_globals()
      * loading the user & epasswd global variable from the passwd file
      * (must be done as root to get real passwd on some systems)
      */
+    set_perms(PERM_ROOT);
     if ((pw_ent = getpwuid(uid)) == NULL) {
 	(void) sprintf(user, "%u", uid);
 	log_error(GLOBAL_NO_PW_ENT);
@@ -293,9 +294,9 @@ static void load_globals()
 
     /*
      * We only want to be root when we absolutely need it.
-     * This will effectively do setreuid(0, uid) but for portability...
+     * Since we set euid and ruid to 0 above, this will set the euid
+     * to the * uid of the caller so (ruid, euid) == (0, user's uid).
      */
-    set_perms(PERM_ROOT);
     set_perms(PERM_USER);
 
 #ifdef UMASK
-- 
2.49.0