1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-28 11:57:28 +00:00

Drop man priveledges before popen and restore them after it, because

it is possible to execute system command from f.e groff

Should be in 2.2
This commit is contained in:
Andrey A. Chernov 1996-12-18 19:46:21 +00:00
parent 8b1f0fa595
commit 64919fdd33
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=20654

View File

@ -1108,16 +1108,28 @@ make_cat_file (path, man_file, cat_file)
fprintf (stderr, "\ntrying command: %s\n", command);
else {
#ifdef SETREUID
setreuid(-1, ruid);
setregid(-1, rgid);
#endif
if ((pp = popen(command, "r")) == NULL) {
s = errno;
fprintf(stderr, "Failed.\n");
errno = s;
perror("popen");
#ifdef SETREUID
setreuid(-1, euid);
setregid(-1, egid);
#endif
unlink(temp);
restore_sigs();
fclose(fp);
return 0;
}
#ifdef SETREUID
setreuid(-1, euid);
setregid(-1, egid);
#endif
while ((s = getc(pp)) != EOF)
putc(s, fp);