Ignores return value of seteuid() in two cases
Brought to you by:
soupboy
From https://buildd.debian.org/status/fetch.php?pkg=pam-ssh-agent-auth&arch=i386&ver=0.10.2-1&stamp=1454675300 :
...
authfd.c: In function 'ssh_get_authentication_socket':
authfd.c:147:5: warning: ignoring return value of 'seteuid', declared with attribute warn_unused_result [-Wunused-result]
seteuid(uid); / To ensure a race condition is not used to circumvent the stat
^
authfd.c:156:5: warning: ignoring return value of 'seteuid', declared with attribute warn_unused_result [-Wunused-result]
seteuid(0); / we now continue the regularly scheduled programming */
^
...
From man seteuid:
...
RETURN VALUE
On success, zero is returned. On error, -1 is returned, and errno is set appropriately.
Note: there are cases where seteuid() can fail even when the caller is UID 0; it is a grave security error to omit checking for a failure return from seteuid().
...
Patch used in Debian.