From 5e8d5c24b260b2e9e25a248a93eddc11bc9260ac Mon Sep 17 00:00:00 2001 From: "H. Peter Anvin" Date: Wed, 29 May 2024 18:10:41 -0700 Subject: [PATCH] tftpd: Use setres*id() if available POSIX apparently doesn't clearly specify the behavior of the saved ID when calling setre*id(). If the system has setres*id() then use it to make absolutely sure that the ID changes cannot be undone. Signed-off-by: H. Peter Anvin --- configure.ac | 2 ++ tftpd/tftpd.c | 12 ++++++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 04b6f98..8770431 100644 --- a/configure.ac +++ b/configure.ac @@ -86,7 +86,9 @@ AC_CHECK_FUNCS(setsid) AC_CHECK_FUNCS(recvmsg) AC_CHECK_FUNCS(ftruncate) AC_CHECK_FUNCS(setreuid) +AC_CHECK_FUNCS(setresuid) AC_CHECK_FUNCS(setregid) +AC_CHECK_FUNCS(setresgid) AC_CHECK_FUNCS(initgroups) AC_CHECK_FUNCS(setgroups) AC_CHECK_FUNCS(sigaction) diff --git a/tftpd/tftpd.c b/tftpd/tftpd.c index e410d42..fcb29aa 100644 --- a/tftpd/tftpd.c +++ b/tftpd/tftpd.c @@ -1011,16 +1011,20 @@ int main(int argc, char **argv) #endif } -#ifdef HAVE_SETREGID +#ifdef HAVE_SETRESGID + setrv = setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid); +#elif defined(HAVE_SETREGID) setrv = setregid(pw->pw_gid, pw->pw_gid); #else setrv = setegid(pw->pw_gid) || setgid(pw->pw_gid); #endif if (setrv && errno == EPERM) { - setrv = 0; /* Already restricted */ + setrv = 0; /* Assume already restricted by system policy */ } -#ifdef HAVE_SETREUID +#ifdef HAVE_SETRESUID + setrv = setrv || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid); +#elif defined(HAVE_SETREUID) setrv = setrv || setreuid(pw->pw_uid, pw->pw_uid); #else /* Important: setuid() must come first */ @@ -1028,7 +1032,7 @@ int main(int argc, char **argv) (geteuid() != pw->pw_uid && seteuid(pw->pw_uid)); #endif if (setrv && errno == EPERM) { - setrv = 0; /* Already restricted */ + setrv = 0; /* Assume already restricted by system policy */ } if (setrv) {