From: Pawel J. D. <ni...@ga...> - 2003-08-22 22:35:52
|
On Wed, Aug 13, 2003 at 03:11:06PM +0200, Michal Belczyk wrote: +> @@ -281,10 +284,13 @@ +> } +> } +> if (syscall =3D=3D SYS_setgroups) { +> - reg[0] =3D sucall(); +> + reg[0] =3D euid; +> + setpeuid(0); +> + reg[1] =3D call(); +> CB_LOG(LOG_INFO, "Setting groups to %U [ret=3D%d].", +> - tabrange(arg[1], arg[0]), reg[0]); +> - return reg[0]; +> + tabrange(arg[1], arg[0]), reg[1]); +> + setpeuid(reg[0]); +> + return reg[1]; +> } +> if (syscall =3D=3D SYS_setlogin) { +> reg[0] =3D sucall(); +> - +>=20 +> Why wasn't that commited ? And why using sucall() makes that all users +> logged in become members of sshd group ? And it doesn't matter if there +> is privsep turned on or off - it still doesn't work as it should. You're right. sucall() cache cred structure and restore it after call to original syscall. So for setgroups(2) it can't be used. Commited, thanks! --=20 Pawel Jakub Dawidek pa...@da... UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net |