When dropping and regaining privileges during option processing,
the seteuid to regain privileges is now the original EUID rather
than a constant zero. This means that `pppd --version' run without
root privilege prints the version number and exits rather than
giving an "unable to regain privileges" error.
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id: auth.c,v 1.111 2006/06/04 21:56:31 paulus Exp $"
+#define RCSID "$Id: auth.c,v 1.112 2006/06/18 11:26:00 paulus Exp $"
#include <stdio.h>
#include <stddef.h>
#include <stdio.h>
#include <stddef.h>
char u[MAXNAMELEN], p[MAXSECRETLEN];
char *fname;
char u[MAXNAMELEN], p[MAXSECRETLEN];
char *fname;
fname = strdup(*argv);
if (fname == NULL)
novm("+ua file name");
fname = strdup(*argv);
if (fname == NULL)
novm("+ua file name");
if (seteuid(getuid()) == -1) {
option_error("unable to reset uid before opening %s: %m", fname);
return 0;
}
ufile = fopen(fname, "r");
if (seteuid(getuid()) == -1) {
option_error("unable to reset uid before opening %s: %m", fname);
return 0;
}
ufile = fopen(fname, "r");
+ if (seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
option_error("unable to open user login data file %s", fname);
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
option_error("unable to open user login data file %s", fname);
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id: options.c,v 1.99 2006/06/04 07:04:57 paulus Exp $"
+#define RCSID "$Id: options.c,v 1.100 2006/06/18 11:26:00 paulus Exp $"
#include <ctype.h>
#include <stdio.h>
#include <ctype.h>
#include <stdio.h>
option_t *opt;
int oldpriv, n;
char *oldsource;
option_t *opt;
int oldpriv, n;
char *oldsource;
char *argv[MAXARGS];
char args[MAXARGS][MAXWORDLEN];
char cmd[MAXWORDLEN];
char *argv[MAXARGS];
char args[MAXARGS][MAXWORDLEN];
char cmd[MAXWORDLEN];
if (check_prot && seteuid(getuid()) == -1) {
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
f = fopen(filename, "r");
err = errno;
if (check_prot && seteuid(getuid()) == -1) {
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
f = fopen(filename, "r");
err = errno;
- if (check_prot && seteuid(0) == -1)
+ if (check_prot && seteuid(euid) == -1)
fatal("unable to regain privileges");
if (f == NULL) {
errno = err;
fatal("unable to regain privileges");
if (f == NULL) {
errno = err;
char **argv;
{
int fd, err;
char **argv;
{
int fd, err;
if (!privileged_option && seteuid(getuid()) == -1) {
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
if (!privileged_option && seteuid(getuid()) == -1) {
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
if (fd < 0 && errno == EEXIST)
fd = open(*argv, O_WRONLY | O_APPEND);
err = errno;
if (fd < 0 && errno == EEXIST)
fd = open(*argv, O_WRONLY | O_APPEND);
err = errno;
- if (!privileged_option && seteuid(0) == -1)
+ if (!privileged_option && seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (fd < 0) {
errno = err;
fatal("unable to regain privileges: %m");
if (fd < 0) {
errno = err;