| blob | 6ef0736d085b392767920f2103fbe169ad933f11 |
1 diff -urN portmap_4/daemon.c portmap_4.new/daemon.c
2 --- portmap_4/daemon.c Thu Aug 3 18:07:22 2000
3 +++ portmap_4.new/daemon.c Fri Aug 4 08:45:25 2000
4 @@ -35,6 +35,7 @@
5 static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90";
6 #endif /* LIBC_SCCS and not lint */
8 +#include <stdlib.h>
9 #include <sys/types.h>
10 #include <fcntl.h>
11 #include <unistd.h>
12 diff -urN portmap_4/pmap_check.c portmap_4.new/pmap_check.c
13 --- portmap_4/pmap_check.c Thu Aug 3 18:07:22 2000
14 +++ portmap_4.new/pmap_check.c Thu Aug 3 18:29:51 2000
15 @@ -40,6 +40,8 @@
16 #include <rpc/pmap_prot.h>
17 #include <syslog.h>
18 #include <netdb.h>
19 +#include <pwd.h>
20 +#include <sys/types.h>
21 #include <sys/signal.h>
22 #ifdef SYSV40
23 #include <netinet/in.h>
24 @@ -149,11 +151,32 @@
25 /*
26 * Give up root privileges so that we can never allocate a privileged
27 * port when forwarding an rpc request.
28 + *
29 + * Fix 8/3/00 Philipp Knirsch: First lookup our rpc user. If we find it,
30 + * switch to that uid, otherwise simply resue the old bin user and print
31 + * out a warning in syslog.
32 */
33 - if (setuid(1) == -1) {
34 - syslog(LOG_ERR, "setuid(1) failed: %m");
35 - exit(1);
36 +
37 + struct passwd *pwent;
38 +
39 + pwent = getpwnam("rpc");
40 + if (pwent == NULL) {
41 + syslog(LOG_WARNING, "user rpc not found, reverting to user bin");
42 + if (setuid(1) == -1) {
43 + syslog(LOG_ERR, "setuid(1) failed: %m");
44 + exit(1);
45 + }
46 }
47 + else {
48 + if (setuid(pwent->pw_uid) == -1) {
49 + syslog(LOG_WARNING, "setuid() to rpc user failed: %m");
50 + if (setuid(1) == -1) {
51 + syslog(LOG_ERR, "setuid(1) failed: %m");
52 + exit(1);
53 + }
54 + }
55 + }
56 +
57 (void) signal(SIGINT, toggle_verboselog);
58 }