84 lines
2.2 KiB
Diff
84 lines
2.2 KiB
Diff
--- at-3.1.10/at.c.perm 2006-11-14 12:26:27.000000000 +0100
|
|
+++ at-3.1.10/at.c 2006-11-14 12:28:15.000000000 +0100
|
|
@@ -144,17 +144,12 @@
|
|
*/
|
|
if (fcreated) {
|
|
/*
|
|
- PRIV_START
|
|
-
|
|
We need the unprivileged uid here since the file is owned by the real
|
|
(not effective) uid.
|
|
*/
|
|
setregid(real_gid, effective_gid);
|
|
unlink(atfile);
|
|
setregid(effective_gid, real_gid);
|
|
- /*
|
|
- PRIV_END
|
|
- */
|
|
}
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
@@ -314,18 +309,18 @@
|
|
* bit. Yes, this is a kluge.
|
|
*/
|
|
cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR);
|
|
- seteuid(real_uid);
|
|
+ seteuid(effective_uid);
|
|
if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1)
|
|
perr("Cannot create atjob file %.500s", atfile);
|
|
- seteuid(effective_uid);
|
|
+ //seteuid(effective_uid);
|
|
|
|
if ((fd2 = dup(fd)) < 0)
|
|
perr("Error in dup() of job file");
|
|
|
|
- /*
|
|
+
|
|
if (fchown(fd2, real_uid, real_gid) != 0)
|
|
perr("Cannot give away file");
|
|
- */
|
|
+
|
|
|
|
PRIV_END
|
|
|
|
@@ -656,6 +651,7 @@
|
|
We need the unprivileged uid here since the file is owned by the real
|
|
(not effective) uid.
|
|
*/
|
|
+// PRIV_START
|
|
setregid(real_gid, effective_gid);
|
|
|
|
if (queue == '=') {
|
|
@@ -668,17 +664,17 @@
|
|
|
|
setregid(effective_gid, real_gid);
|
|
done = 1;
|
|
-
|
|
+// PRIV_END
|
|
break;
|
|
|
|
case CAT:
|
|
{
|
|
FILE *fp;
|
|
int ch;
|
|
-
|
|
+ // PRIV_START
|
|
setregid(real_gid, effective_gid);
|
|
fp = fopen(dirent->d_name, "r");
|
|
-
|
|
+ // PRIV_END
|
|
if (fp) {
|
|
while ((ch = getc(fp)) != EOF) {
|
|
putchar(ch);
|
|
--- at-3.1.10/Makefile.in.perm 2006-11-14 12:26:27.000000000 +0100
|
|
+++ at-3.1.10/Makefile.in 2006-11-14 12:26:27.000000000 +0100
|
|
@@ -97,7 +97,7 @@
|
|
$(INSTALL) -m 755 -d $(IROOT)$(atdocdir)
|
|
$(INSTALL) -m 755 -d $(IROOT)$(ATJOB_DIR)
|
|
$(INSTALL) -m 755 -d $(IROOT)$(etcdir)/pam.d
|
|
- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT) $(ATSPOOL_DIR)
|
|
+ $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR)
|
|
chmod 700 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
|
|
touch $(IROOT)$(LFILE)
|
|
chmod 600 $(IROOT)$(LFILE)
|