From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 8517 invoked by alias); 13 Jun 2018 17:19:34 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: List-Unsubscribe: X-Seq: 43004 Received: (qmail 2727 invoked by uid 1010); 13 Jun 2018 17:19:34 -0000 X-Qmail-Scanner-Diagnostics: from mailout1.w1.samsung.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1. Clear:RC:0(210.118.77.11):SA:0(-6.9/5.0):. Processed in 3.094108 secs); 13 Jun 2018 17:19:34 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, SPF_HELO_PASS,SPF_PASS,T_DKIMWL_WL_HIGH,T_DKIM_INVALID autolearn=ham autolearn_force=no version=3.4.1 X-Envelope-From: p.stephenson@samsung.com X-Qmail-Scanner-Mime-Attachments: | X-Qmail-Scanner-Zip-Files: | DKIM-Filter: OpenDKIM Filter v2.11.0 mailout1.w1.samsung.com 20180613171926euoutp0126c48df7051d2412435cdeceedeaef88~3x_DHrbUx2832928329euoutp01M DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1528910366; bh=1sZM2RLH1V7gTyQoKryAHEavh9FbC3bzgMbf+qdzTuc=; h=Date:From:To:Subject:In-Reply-To:References:From; b=EfbR/WED7abibuokIFBJBtZ8VqKUvKmd4AnYiapG4df3kHQs1MEXJUm3Pm0knQUYw ZSJEmTIkUgQFkLbKBuwm7APogevoCJARCDguT8Q27ulLaKjLTnMj8FjHZiijtIFwZE iBE4KMgix8vFkqvmCYruV6R3YSdqnylJgNdTZcSo= X-AuditID: cbfec7f4-713ff700000043e4-32-5b21521cf41d Date: Wed, 13 Jun 2018 18:19:21 +0100 From: Peter Stephenson To: Zsh hackers list Subject: Re: [PATCH] Silence compilation warnings about setuid, setgid In-Reply-To: Organization: SCSC X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.30; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPIsWRmVeSWpSXmKPExsWy7djP87oyQYrRBqe2W1scbH7I5MDoserg B6YAxigum5TUnMyy1CJ9uwSujKe7njMXbBaouLrmI1sD4zaeLkZODgkBE4mFu8+xdzFycQgJ rGCUOHXiCBuE08cksef5fRYIp5dJYt/hNUwwLa8/XmeGSCxnlNh5fA0LSAKs6vABDYjEGUaJ 2z+fs0I4Fxgl2h++BKtiEVCV+HL6EhuIzSZgKDF102xGEFtEQEtix8mTYCuEBdwkNs/bzAxi cwoESkw72wxkc3DwCwhJXGi2hbjCXuLoHohyXgFBiZMzn4CNZxaQl9j+dg7YdRICn9kkmuY8 ZIEoKpNYePEL1AsuEmd2L2SGsIUlXh3fwg5hy0j83zmfCaK5nVFizaTX7BBOD6PEpqN3GCGq rCX6bl9kBLmIWUBTYv0ufYiwo8S/Q9vYQcISAnwSN94KQhzEJzFp23RmiDCvREebEES1msSO pq2MExiVZyF5YRaSF2YhzF/AyLyKUTy1tDg3PbXYKC+1XK84Mbe4NC9dLzk/dxMjMBmc/nf8 yw7GXX+SDjEKcDAq8fBukFOMFmJNLCuuzD3EKMHBrCTC6/dCIVqINyWxsiq1KD++qDQntfgQ ozQHi5I4b5xGXZSQQHpiSWp2ampBahFMlomDU6qBcR1vaL2sdoupS0N3SWz6ZNGtr2wD/6U8 3Hv7vafT/K1PSz6/r1Xd/Pi1cq+c8dvGJbtiJitO//M2hW+Z0Z0tvZPXVaUfPp9wQ67l94PC /wnLQnZwWrc19FW3Hwn5+aBxwvzv57l3qp9N6n6StvnqyyiGb+oNz3pcorQ2b8t7dDxAKFN5 tWzqHyWW4oxEQy3mouJEAGPytKsCAwAA X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFuphkeLIzCtJLcpLzFFi42I5/e/4PV3pIMVog5n3VS0ONj9kcmD0WHXw A1MAY5SeTVF+aUmqQkZ+cYmtUrShhZGeoaWFnpGJpZ6hsXmslZGpkr6dTUpqTmZZapG+XYJe xtNdz5kLNgtUXF3zka2BcRtPFyMnh4SAicTrj9eZuxi5OIQEljJKTJ40iwkiISPx6cpHdghb WOLPtS42iKJuJokrS7dDdZxhlDjz+TszSJWQwAVGiZ9XNUBsFgFViS+nL7GB2GwChhJTN81m BLFFBLQkdpw8CbZBWMBNYvO8zUC9HBy8As4SJy7pgYQ5BQIlpp1thpr/jFni/MIWRpAafgEh iQvNthAH2Usc3QMxhldAUOLkzCcsIDazgI7EiVXHmCFseYntb+cwT2AUnoWkbBaSsllIyhYw Mq9iFEktLc5Nzy020itOzC0uzUvXS87P3cQIjIltx35u2cHY9S74EKMAB6MSD+8GOcVoIdbE suLK3EOMEhzMSiK8fi8UooV4UxIrq1KL8uOLSnNSiw8xmgLDYiKzlGhyPjBe80riDU0NzS0s Dc2NzY3NLJTEec8bVEYJCaQnlqRmp6YWpBbB9DFxcEo1MF6eGvSuqPT54W0pvRcOTTPov8Al +b3OY+Hptr2m0y/O4zKU9ilK/SHmUclwJNfglVP5lAq+hb3mGf5nrTk6FjI/sp/gVOI4hy99 elLNHrGaA5PDjpvkZXs6ytzaaDhtX9yLk3bcDw1mHq8o8s+47+PyrVDAwX9H5uIQq5Rd1vPn fNVbdSV5oxJLcUaioRZzUXEiAL6enc6fAgAA Message-Id: <20180613171924eucas1p1ffdbcc9252255b19e36788fd06a7f582~3x_Aqkahf0839108391eucas1p1U@eucas1p1.samsung.com> X-CMS-MailID: 20180613171924eucas1p1ffdbcc9252255b19e36788fd06a7f582 X-Msg-Generator: CA Content-Type: text/plain; charset="utf-8" X-RootMTR: 20180613115039epcas5p3f7e70bdce12919686a5dec9895782138 X-EPHeader: CA CMS-TYPE: 201P X-CMS-RootMailID: 20180613115039epcas5p3f7e70bdce12919686a5dec9895782138 References: <20180613131021eucas1p263704fa9832375e6a49cf7f2077606dc~3ukj6hhqT1702017020eucas1p2W@eucas1p2.samsung.com> On Wed, 13 Jun 2018 10:13:53 -0700 Eitan Adler wrote: > On 13 June 2018 at 08:08, Bart Schaefer > wrote: > > This may have been isolated to a 1990s-era OS that is no longer at > > issue. Either way there's no particular reason to save and report > > errno from the first call. > > See > https://wiki.sei.cmu.edu/confluence/display/c/POS37-C.+Ensure+that+privilege+relinquishment+is+successful > I'm not sure what current systems have these issues, but explicitly > checking the results of getuid after priv-drop is still considered a > "good idea" There's no question of not testing the final result, the question is whether we need the result of the first one that might erroneously report success. I've now get this. pws diff --git a/Src/options.c b/Src/options.c index 590652e..a6e3216 100644 --- a/Src/options.c +++ b/Src/options.c @@ -769,15 +769,25 @@ dosetopt(int optno, int value, int force, char *new_opts) } else if(optno == PRIVILEGED && !value) { /* unsetting PRIVILEGED causes the shell to make itself unprivileged */ #ifdef HAVE_SETUID - setuid(getuid()); - setgid(getgid()); - if (setuid(getuid())) { - zwarn("failed to change user ID: %e", errno); - return -1; - } else if (setgid(getgid())) { + errno = 0; + /* + * Set the GID first as if we set the UID to non-privileged it + * might be impossible to restore the GID. + * + * Some OSes (possibly no longer around) have been known to + * fail silently the first time, so we attempt the change twice. + * If it fails we are guaranteed to pick this up the second + * time, so ignore the first time. + */ + (void)setgid(getgid()); + (void)setuid(getuid()); + if (setgid(getgid())) { zwarn("failed to change group ID: %e", errno); return -1; - } + } else if (setuid(getuid())) { + zwarn("failed to change user ID: %e", errno); + return -1; + } #else zwarn("setuid not available"); return -1;