From: Paul Mackerras <paulus@samba.org>
Date: Tue, 2 Mar 1999 05:59:22 +0000 (+0000)
Subject: open the device as the user unless the device name came from a
X-Git-Tag: RELEASE_2_3_6~13
X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=commitdiff_plain;h=8a68ed35b0312fe46436a3490097a4fdc5af1c95

open the device as the user unless the device name came from a
privileged source
---

diff --git a/pppd/main.c b/pppd/main.c
index 2141879..2ab3514 100644
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -18,7 +18,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: main.c,v 1.54 1999/03/02 05:36:42 paulus Exp $";
+static char rcsid[] = "$Id: main.c,v 1.55 1999/03/02 05:59:21 paulus Exp $";
 #endif
 
 #include <stdio.h>
@@ -77,7 +77,6 @@ char hostname[MAXNAMELEN];	/* Our hostname */
 static char pidfilename[MAXPATHLEN];	/* name of pid file */
 static char default_devnam[MAXPATHLEN];	/* name of default device */
 static pid_t pid;		/* Our pid */
-static uid_t uid;		/* Our real user-id */
 static int conn_running;	/* we have a [dis]connector running */
 
 int ttyfd = -1;			/* Serial port file descriptor */
@@ -85,6 +84,7 @@ mode_t tty_mode = -1;		/* Original access permissions to tty */
 int baud_rate;			/* Actual bits/second for serial device */
 int hungup;			/* terminal has been hung up */
 int privileged;			/* we're running as real uid root */
+int uid;			/* real user ID of the user */
 int need_holdoff;		/* need holdoff period before restarting */
 int detached;			/* have detached from terminal */
 
@@ -231,6 +231,7 @@ main(argc, argv)
 		     argv[0]);
 	exit(1);
     }
+    setuid(0);			/* make real uid = root */
 
     if (!ppp_available()) {
 	option_error(no_ppp_msg);
@@ -448,7 +449,16 @@ main(argc, argv)
 	hungup = 0;
 	kill_link = 0;
 	sigprocmask(SIG_UNBLOCK, &mask, NULL);
-	while ((ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0)) < 0) {
+	for (;;) {
+	    /* If the user specified the device name, become the
+	       user before opening it. */
+	    if (!devnam_info.priv)
+		seteuid(uid);
+	    ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
+	    if (!devnam_info.priv)
+		seteuid(0);
+	    if (ttyfd >= 0)
+		break;
 	    if (errno != EINTR)
 		syslog(LOG_ERR, "Failed to open %s: %m", devnam);
 	    if (!persist || errno != EINTR)
@@ -504,7 +514,14 @@ main(argc, argv)
 
 	/* reopen tty if necessary to wait for carrier */
 	if (connector == NULL && modem) {
-	    while ((i = open(devnam, O_RDWR)) < 0) {
+	    for (;;) {
+		if (!devnam_info.priv)
+		    seteuid(uid);
+		i = open(devnam, O_RDWR);
+		if (!devnam_info.priv)
+		    seteuid(0);
+		if (i >= 0)
+		    break;
 		if (errno != EINTR)
 		    syslog(LOG_ERR, "Failed to reopen %s: %m", devnam);
 		if (!persist || errno != EINTR || hungup || kill_link)
@@ -1145,7 +1162,7 @@ device_script(program, in, out)
 		close(errfd);
 	    }
 	}
-	setuid(getuid());
+	setuid(uid);
 	setgid(getgid());
 	execl("/bin/sh", "sh", "-c", program, (char *)0);
 	syslog(LOG_ERR, "could not exec /bin/sh: %m");
@@ -1227,7 +1244,6 @@ run_program(prog, args, must_exist, done, arg)
 	(void) setsid();    /* No controlling tty. */
 	(void) umask (S_IRWXG|S_IRWXO);
 	(void) chdir ("/"); /* no current directory. */
-	setuid(geteuid());
 	setgid(getegid());
 
 	/* Ensure that nothing of our device environment is inherited. */
diff --git a/pppd/options.c b/pppd/options.c
index b2c7b58..6078dcc 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -18,7 +18,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: options.c,v 1.46 1999/02/26 11:03:34 paulus Exp $";
+static char rcsid[] = "$Id: options.c,v 1.47 1999/03/02 05:59:21 paulus Exp $";
 #endif
 
 #include <ctype.h>
@@ -416,7 +416,7 @@ options_from_user()
     int ret;
     struct passwd *pw;
 
-    pw = getpwuid(getuid());
+    pw = getpwuid(uid);
     if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0)
 	return 1;
     file = _PATH_USEROPT;
@@ -688,12 +688,10 @@ int
 readable(fd)
     int fd;
 {
-    uid_t uid;
     int ngroups, i;
     struct stat sbuf;
     GIDSET_TYPE groups[NGROUPS_MAX];
 
-    uid = getuid();
     if (uid == 0)
 	return 1;
     if (fstat(fd, &sbuf) != 0)
@@ -1183,15 +1181,11 @@ setdevname(cp, quiet)
 	return -1;
     }
 
-    if (!privileged_option) {
-	if (!quiet)
-	    option_error("setting the device name requires root privilege");
-	return -1;
-    }
-
     (void) strncpy(devnam, cp, MAXPATHLEN);
     devnam[MAXPATHLEN-1] = 0;
     default_device = FALSE;
+    devnam_info.priv = privileged_option;
+    devnam_info.source = option_source;
   
     return 1;
 }
diff --git a/pppd/pppd.h b/pppd/pppd.h
index 8029e40..3154360 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -16,7 +16,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: pppd.h,v 1.25 1999/02/26 11:03:34 paulus Exp $
+ * $Id: pppd.h,v 1.26 1999/03/02 05:59:22 paulus Exp $
  */
 
 /*
@@ -116,6 +116,7 @@ extern int	privileged;	/* We were run by real-uid root */
 extern int	need_holdoff;	/* Need holdoff period after link terminates */
 extern char	**script_env;	/* Environment variables for scripts */
 extern int	detached;	/* Have detached from controlling tty */
+extern int	uid;		/* Real user ID of the user running pppd */
 
 /*
  * Variables set by command-line options.
@@ -387,7 +388,7 @@ struct option_info {
     char    *source;		/* where option came from */
 };
 
-extern struct option_info auth_req_info;
+extern struct option_info devnam_info;
 extern struct option_info connector_info;
 extern struct option_info disconnector_info;
 extern struct option_info welcomer_info;