| diff -urN portmap_4/daemon.c portmap_4.new/daemon.c |
| --- portmap_4/daemon.c Thu Aug 3 18:07:22 2000 |
| +++ portmap_4.new/daemon.c Fri Aug 4 08:45:25 2000 |
| @@ -35,6 +35,7 @@ |
| static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90"; |
| #endif /* LIBC_SCCS and not lint */ |
| |
| +#include <stdlib.h> |
| #include <sys/types.h> |
| #include <fcntl.h> |
| #include <unistd.h> |
| diff -urN portmap_4/pmap_check.c portmap_4.new/pmap_check.c |
| --- portmap_4/pmap_check.c Thu Aug 3 18:07:22 2000 |
| +++ portmap_4.new/pmap_check.c Thu Aug 3 18:29:51 2000 |
| @@ -40,6 +40,8 @@ |
| #include <rpc/pmap_prot.h> |
| #include <syslog.h> |
| #include <netdb.h> |
| +#include <pwd.h> |
| +#include <sys/types.h> |
| #include <sys/signal.h> |
| #ifdef SYSV40 |
| #include <netinet/in.h> |
| @@ -149,11 +151,32 @@ |
| /* |
| * Give up root privileges so that we can never allocate a privileged |
| * port when forwarding an rpc request. |
| + * |
| + * Fix 8/3/00 Philipp Knirsch: First lookup our rpc user. If we find it, |
| + * switch to that uid, otherwise simply resue the old bin user and print |
| + * out a warning in syslog. |
| */ |
| - if (setuid(1) == -1) { |
| - syslog(LOG_ERR, "setuid(1) failed: %m"); |
| - exit(1); |
| + |
| + struct passwd *pwent; |
| + |
| + pwent = getpwnam("rpc"); |
| + if (pwent == NULL) { |
| + syslog(LOG_WARNING, "user rpc not found, reverting to user bin"); |
| + if (setuid(1) == -1) { |
| + syslog(LOG_ERR, "setuid(1) failed: %m"); |
| + exit(1); |
| + } |
| } |
| + else { |
| + if (setuid(pwent->pw_uid) == -1) { |
| + syslog(LOG_WARNING, "setuid() to rpc user failed: %m"); |
| + if (setuid(1) == -1) { |
| + syslog(LOG_ERR, "setuid(1) failed: %m"); |
| + exit(1); |
| + } |
| + } |
| + } |
| + |
| (void) signal(SIGINT, toggle_verboselog); |
| } |
| |