* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id: auth.c,v 1.109 2006/05/22 00:04:07 paulus Exp $"
+#define RCSID "$Id: auth.c,v 1.112 2006/06/18 11:26:00 paulus Exp $"
#include <stdio.h>
#include <stddef.h>
{
FILE *ufile;
int l;
+ uid_t euid;
char u[MAXNAMELEN], p[MAXSECRETLEN];
char *fname;
fname = strdup(*argv);
if (fname == NULL)
novm("+ua file name");
- seteuid(getuid());
+ euid = geteuid();
+ if (seteuid(getuid()) == -1) {
+ option_error("unable to reset uid before opening %s: %m", fname);
+ return 0;
+ }
ufile = fopen(fname, "r");
- seteuid(0);
+ if (seteuid(euid) == -1)
+ fatal("unable to regain privileges: %m");
if (ufile == NULL) {
option_error("unable to open user login data file %s", fname);
return 0;