From: Peter Stephenson <p.stephenson@samsung.com>
To: Zsh hackers list <zsh-workers@zsh.org>
Subject: Re: [PATCH] Silence compilation warnings about setuid, setgid
Date: Wed, 13 Jun 2018 14:10:19 +0100 [thread overview]
Message-ID: <20180613131021eucas1p263704fa9832375e6a49cf7f2077606dc~3ukj6hhqT1702017020eucas1p2W@eucas1p2.samsung.com> (raw)
In-Reply-To: <CAF6rxgmVA5KtcRoaVZi5P=6OtQdLPzHJowbBm+eyp0Zjea19Sg@mail.gmail.com>
On Wed, 13 Jun 2018 04:49:39 -0700
Eitan Adler <lists@eitanadler.com> wrote:
> On 7 May 2018 at 04:18, Sebastian Gniazdowski
> <sgniazdowski@gmail.com> wrote:
> > Hello,
> > on a Linux box I see:
> > Looking at the source, the reported calls are "extra" ones, they are
> > followed by proper setuid, setgid calls. I've found some way out
> > from this situation, of using the report value and reporting it
> > (gmail paste, proper patch is attached):
> >
>
> > #ifdef HAVE_SETUID
> > - setuid(getuid());
> > - setgid(getgid());
>
> While we're touching this code can we please correct the order of
> setuid and setgid?
>
> setgid must be called before setuid. If setuid is called first, on
> some platforms, it no longer has privs to call setgid aymore.
Presumably that's a trivial swap? I don't know if we need both
setgid()s before both setuid()s, because I don't know why they're
repeated --- but if the second case is simply to test for an error that's
not a big deal since if it worked properly there won't be one.
I didn't look at the original patch before now --- the obvious way to
fix it would simply be a cast to void. There's no comment about why the
code is like that, so perhaps retaining the error number is safer.
However, I think it's just confusing except in the (few?) cases where
the error number is different the first time. I ended up with this...
diff --git a/Src/options.c b/Src/options.c
index 590652e..14d9c3c 100644
--- a/Src/options.c
+++ b/Src/options.c
@@ -769,15 +769,24 @@ dosetopt(int optno, int value, int force, char *new_opts)
} else if(optno == PRIVILEGED && !value) {
/* unsetting PRIVILEGED causes the shell to make itself unprivileged */
#ifdef HAVE_SETUID
- setuid(getuid());
- setgid(getgid());
- if (setuid(getuid())) {
- zwarn("failed to change user ID: %e", errno);
- return -1;
- } else if (setgid(getgid())) {
+ int uerr = 0, gerr = 0;
+
+ errno = 0;
+ if (setgid(getgid()))
+ gerr = errno;
+ if (setuid(getuid()))
+ uerr = errno;
+ if (setgid(getgid())) {
zwarn("failed to change group ID: %e", errno);
+ if (gerr && gerr != errno)
+ zwarn("(error of additional preceding setgid() call: %e)", gerr);
return -1;
- }
+ } else if (setuid(getuid())) {
+ zwarn("failed to change user ID: %e", errno);
+ if (uerr && uerr != errno)
+ zwarn("(error of additional preceding setuid() call: %e)", uerr);
+ return -1;
+ }
#else
zwarn("setuid not available");
return -1;
next prev parent reply other threads:[~2018-06-13 13:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-07 11:18 Sebastian Gniazdowski
2018-06-13 11:49 ` Eitan Adler
2018-06-13 13:10 ` Peter Stephenson [this message]
2018-06-13 15:08 ` Bart Schaefer
2018-06-13 15:16 ` Peter Stephenson
2018-06-13 17:13 ` Eitan Adler
2018-06-13 17:19 ` Peter Stephenson
2018-06-13 18:41 ` dana
2018-06-14 8:41 ` Peter Stephenson
2018-06-14 10:31 ` dana
2018-06-14 10:40 ` Peter Stephenson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='20180613131021eucas1p263704fa9832375e6a49cf7f2077606dc~3ukj6hhqT1702017020eucas1p2W@eucas1p2.samsung.com' \
--to=p.stephenson@samsung.com \
--cc=zsh-workers@zsh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).