Changeset 412 for trunk/src

Timestamp:

Sep 1, 2012, 4:25:30 PM (12 years ago)

Author:

katerina

Message:

Enhancements for ticket #312 (logrotate) and #313 (--enable-suid).

Location:

trunk/src

Files:

• sh_calls.c (modified) (3 diffs)
• sh_database.c (modified) (1 diff)
• slib.c (modified) (2 diffs)

trunk/src/sh_calls.c

@@ -696 +696 @@
   SL_ENTER(_("aud_open"));
 
+#ifdef USE_SUID
+  if (0 == strcmp(pathname, "/usr/bin/sudo"))
+    {
+      uid_t ruid; uid_t euid; uid_t suid;
+      getresuid(&ruid, &euid, &suid);
+    }
+  if (privs == SL_YESPRIV)
+    sl_set_suid();
+#else
+  /*@-noeffect@*/
+  (void) privs; /* fix compiler warning */
+  /*@+noeffect@*/
+#endif
+
   val_return = open (pathname, *o_noatime|flags, mode);
+
+#ifdef USE_SUID
+  if (privs == SL_YESPRIV)
+    sl_unset_suid();
+#endif
+
   if ((val_return < 0) && (*o_noatime != 0))
     {
@@ -704 +724 @@
     }
   error = errno;
-  /*@-noeffect@*/
-  (void) privs; /* fix compiler warning */
-  /*@+noeffect@*/
 
   if (val_return < 0)
@@ -736 +753 @@
   SL_ENTER(_("aud_open"));
 
-  val_return = open (pathname, flags, mode);
-  error = errno;
+#ifdef USE_SUID
+  if (privs == SL_YESPRIV)
+    sl_set_suid();
+#else
   /*@-noeffect@*/
   (void) privs; /* fix compiler warning */
   /*@+noeffect@*/
+#endif
+
+  val_return = open (pathname, flags, mode);
+
+#ifdef USE_SUID
+  if (privs == SL_YESPRIV)
+    sl_unset_suid();
+#endif
+
+  error = errno;
 
   if (val_return < 0)

trunk/src/sh_database.c

@@ -1764 +1764 @@
 
 /* recursively enter linked list of messages into database, last first
+ * - last is client (if this is a client message received by client)
  */
 long sh_database_insert_rec (dbins * curr, int depth, char * host)

trunk/src/slib.c

@@ -1535 +1535 @@
   SL_REQUIRE (sl_save_uids() == SL_ENONE, _("sl_save_uids() == SL_ENONE"));
 
+#ifndef SH_ALLOW_SUID
   if (euid != ruid || egid != rgid)
     {
@@ -1556 +1557 @@
 #endif
     }
+#endif
   SL_IRETURN(SL_ENONE, _("sl_policy_get_user"));
 }