File libgnomesu-check-setuid-retval.patch of Package libgnomesu

Overview Repositories Revisions Requests Users Attributes Meta

File libgnomesu-check-setuid-retval.patch of Package libgnomesu

Index: libgnomesu-1.0.0/pam-backend/pam.c
===================================================================
--- libgnomesu-1.0.0.orig/pam-backend/pam.c
+++ libgnomesu-1.0.0/pam-backend/pam.c
@@ -338,7 +338,15 @@ main (int argc, char *argv[])
 		#ifdef HAVE_SETFSUID
 		setfsuid (pw->pw_uid);
 		#endif /* HAVE_SETFSUID */
-		change_identity (pw);
+
+		if (change_identity (pw)) {
+			pam_close_session (pamh, 0);
+			if (setcred)
+				pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
+			close_pam (pamh, retval);
+			fprintf (outf, PROTOCOL_ERROR);
+			return 1;
+		}
 
 		modify_environment (pw);
 
Index: libgnomesu-1.0.0/su-backend/common.c
===================================================================
--- libgnomesu-1.0.0.orig/su-backend/common.c
+++ libgnomesu-1.0.0/su-backend/common.c
@@ -232,13 +232,20 @@ init_groups (const struct passwd *pw)
 #endif
 }
 
-void
+int
 change_identity (const struct passwd *pw)
 {
-	if (setgid (pw->pw_gid))
+	if (setgid (pw->pw_gid)) {
 		perror ("cannot set group id");
-	if (setuid (pw->pw_uid))
+		return -1;
+	}
+
+	if (setuid (pw->pw_uid)) {
 		perror ("cannot set user id");
+		return -1;
+	}
+
+	return 0;
 }
 
 void
Index: libgnomesu-1.0.0/su-backend/su.c
===================================================================
--- libgnomesu-1.0.0.orig/su-backend/su.c
+++ libgnomesu-1.0.0/su-backend/su.c
@@ -323,7 +323,12 @@ main (int argc, char **argv)
   init_xauth (pw);
   modify_environment (pw);
   init_groups (pw);
-  change_identity (pw);
+
+  if (change_identity (pw)) {
+	  fprintf (outf, PROTOCOL_ERROR);
+	  return 1;
+  }
+
   setup_xauth (pw);
 
   fprintf (outf, PROTOCOL_DONE);
Index: libgnomesu-1.0.0/su-backend/common.h
===================================================================
--- libgnomesu-1.0.0.orig/su-backend/common.h
+++ libgnomesu-1.0.0/su-backend/common.h
@@ -31,7 +31,7 @@ void xputenv (const char *val);
 void init_xauth (const struct passwd *pw);
 void setup_xauth (const struct passwd *pw);
 void init_groups (const struct passwd *pw);
-void change_identity (const struct passwd *pw);
+int  change_identity (const struct passwd *pw);
 void modify_environment (const struct passwd *pw);
 void *safe_memset (void *s, int c, size_t n);

Places

File libgnomesu-check-setuid-retval.patch of Package libgnomesu

Places