From 2c168f5fb53e1e1d3905bdd7fac64497e0ab3875 Mon Sep 17 00:00:00 2001
From: Stelian Pop
Date: Fri, 3 Nov 2000 18:28:58 +0000
Subject: [PATCH] Restore uid and gid before invoking external RSH.
---
 CHANGES | 5 ++++-
 common/dumprmt.c | 8 +++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/CHANGES b/CHANGES
index ee61a20..74e4243 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,4 @@
-$Id: CHANGES,v 1.84 2000/09/26 13:17:42 stelian Exp $
+$Id: CHANGES,v 1.85 2000/11/03 18:28:58 stelian Exp $
 Changes between versions 0.4b19 and 0.4b20 (released ???????????????)
 =====================================================================
@@ -34,6 +34,9 @@ Changes between versions 0.4b19 and 0.4b20 (released ???????????????)
 6. Made dump able to backup files larger than 2 GB. Note that dump still doesn't cope with files larger than 4 GB.
+7. Restore the real uid and gid before invoking an external
+ RSH program (big hole when dump or restore is suid root!).
+
 Changes between versions 0.4b18 and 0.4b19 (released August 20, 2000)
 =====================================================================
diff --git a/common/dumprmt.c b/common/dumprmt.c
index dbbe618..4f6b3c7 100644
--- a/common/dumprmt.c
+++ b/common/dumprmt.c
@@ -40,7 +40,7 @@
 #ifndef lint
 static const char rcsid[] =
- "$Id: dumprmt.c,v 1.11 2000/01/21 10:17:41 stelian Exp $";
+ "$Id: dumprmt.c,v 1.12 2000/11/03 18:28:58 stelian Exp $";
 #endif /* not lint */
 #ifdef __linux__
@@ -205,6 +205,12 @@ rmtgetconn(void)
 rshcmd[4] = rmt;
 rshcmd[5] = NULL;
+ /* Restore the uid and gid. We really don't want
+ * to execute whatever is put into RSH variable with
+ * more priviledges than needed... */
+ setuid(getuid());
+ setgid(getgid());
+
 if ((rshpid = piped_child(rshcmd)) < 0) {
 msg("cannot open connection\n");
 return 0;
--
2.39.5
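Review bot: In the rmtgetconn hunk of common/dumprmt.c the privilege drop runs in the wrong order and is unchecked: `setuid(getuid());` comes before `setgid(getgid());` and neither return value is tested. Once the effective uid is no longer 0, `setgid()` can only set the effective gid and can no longer reset the saved set-group-ID, so on an installation that is also set-gid the RSH program could still regain that group. If either call fails, `piped_child(rshcmd)` is reached with the original privileges. I would drop the group first and fail closed, reusing the error path already in the hunk: `if (setgid(getgid()) < 0 || setuid(getuid()) < 0) { msg("cannot drop privileges\n"); return 0; }`. The body of rmtgetconn starts and ends outside the hunk, and the drop appears to happen in the calling process rather than only in the child, so it is worth confirming that nothing later in dump or restore still needs the elevated ids.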