From f1284d7a513ed450a1a2136cdd31d5c32b548891 Mon Sep 17 00:00:00 2001 From: Bill Fenner Date: Fri, 9 Aug 1996 06:00:53 +0000 Subject: [PATCH] Drop setuid ASAP, to minimize code executed as root. Reviewed by: pst --- sbin/ping/ping.c | 20 +++++++++++++++++--- usr.sbin/traceroute/traceroute.c | 21 ++++++++++++++++++--- 2 files changed, 35 insertions(+), 6 deletions(-) diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index de19a4575d02..dfd1c2a35ff4 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -154,13 +154,26 @@ main(argc, argv) struct protoent *proto; struct termios ts; register int i; - int ch, fdmask, hold, packlen, preload; + int ch, fdmask, hold, packlen, preload, sockerrno; u_char *datap, *packet; char *target, hnamebuf[MAXHOSTNAMELEN], *malloc(); #ifdef IP_OPTIONS char rspace[3 + 4 * NROUTES + 1]; /* record route space */ #endif + /* + * Do the stuff that we need root priv's for *first*, and + * then drop our setuid bit. Save error reporting for + * after arg parsing. + */ + proto = getprotobyname("icmp"); + if (proto) { + s = socket(AF_INET, SOCK_RAW, proto->p_proto); + sockerrno = errno; + } + + setuid(getuid()); + preload = 0; if (tcgetattr (0, &ts) != -1) { reset_kerninfo = !(ts.c_lflag & NOKERNINFO); @@ -288,11 +301,12 @@ main(argc, argv) ident = getpid() & 0xFFFF; - if (!(proto = getprotobyname("icmp"))) { + if (!proto) { (void)fprintf(stderr, "ping: unknown protocol icmp.\n"); exit(1); } - if ((s = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0) { + if (s < 0) { + errno = sockerrno; perror("ping: socket"); exit(1); } diff --git a/usr.sbin/traceroute/traceroute.c b/usr.sbin/traceroute/traceroute.c index 652f503200b4..ccdc7fdf11ed 100644 --- a/usr.sbin/traceroute/traceroute.c +++ b/usr.sbin/traceroute/traceroute.c @@ -1,6 +1,6 @@ #ifndef lint static char *rcsid = - "@(#)$Header: traceroute.c,v 1.27 95/10/18 00:17:06 leres Exp $ (LBL)"; + "@(#)$Header: /home/ncvs/src/usr.sbin/traceroute/traceroute.c,v 1.5 1996/03/13 08:04:29 pst Exp $ (LBL)"; #endif /* @@ -294,6 +294,20 @@ main(int argc, char **argv) int lsrr = 0; u_long gw; u_char optlist[MAX_IPOPTLEN], *oix; + int sockerrno; + + /* + * Do the setuid-required stuff first, then lose priveleges ASAP. + * Do error checking for these two calls where they appeared in + * the original code. + */ + pe = getprotobyname("icmp"); + if (pe) { + s = socket(AF_INET, SOCK_RAW, pe->p_proto); + sockerrno = errno; + } + + setuid(getuid()); oix = optlist; bzero(optlist, sizeof(optlist)); @@ -446,11 +460,12 @@ main(int argc, char **argv) ident = (getpid() & 0xffff) | 0x8000; - if ((pe = getprotobyname("icmp")) == NULL) { + if (pe == NULL) { Fprintf(stderr, "icmp: unknown protocol\n"); exit(10); } - if ((s = socket(AF_INET, SOCK_RAW, pe->p_proto)) < 0) { + if (s < 0) { + errno = sockerrno; perror("traceroute: icmp socket"); exit(5); }