From 1d30b3f1f66a0cd179f47082245079ef357b6a66 Mon Sep 17 00:00:00 2001
From: Ryan Mallon
Date: Tue, 8 Oct 2013 14:53:29 +0200
Subject: wall,crontab: use xopen_as_uid_gid()
This fixes a narrow security race in crontab.
function old new delta
xopen_as_uid_gid - 80 +80
seteuid - 64 +64
setegid - 64 +64
setreuid - 37 +37
xseteuid - 22 +22
xsetegid - 22 +22
crontab_main 590 577 -13
setfsuid 33 - -33
setfsgid 33 - -33
wall_main 138 102 -36
open_as_user 109 - -109
text data bss dec hex filename
893539 497 7568 901604 dc1e4 busybox_old
893618 497 7568 901683 dc233 busybox_unstripped
Signed-off-by: Ryan Mallon
Signed-off-by: Denys Vlasenko
---
 miscutils/wall.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
(limited to 'miscutils/wall.c')
diff --git a/miscutils/wall.c b/miscutils/wall.c
index c74f4f27b..bb709ee39 100644
--- a/miscutils/wall.c
+++ b/miscutils/wall.c
@@ -41,11 +41,7 @@ int wall_main(int argc UNUSED_PARAM, char **argv)
 /* The applet is setuid.
 * Access to the file must be under user's uid/gid.
 */
- setfsuid(getuid());
- setfsgid(getgid());
- fd = xopen(argv[1], O_RDONLY);
- setfsuid(geteuid());
- setfsgid(getegid());
+ fd = xopen_as_uid_gid(argv[1], O_RDONLY, getuid(), getgid());
 }
 msg = xmalloc_read(fd, NULL);
 if (ENABLE_FEATURE_CLEAN_UP && argv[1])
-- 
cgit v1.2.3
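Review bot: The comment above the new `xopen_as_uid_gid()` call in wall_main still says only that the access must happen under the user's uid/gid, and the mechanism is no longer visible at the call site because the helper's body is not part of this diff (it is limited to miscutils/wall.c). The size table in the commit message shows seteuid/setegid/xseteuid/xsetegid added and setfsuid/setfsgid removed, which suggests the helper switches effective ids rather than filesystem ids and presumably aborts when a switch fails. That should be confirmed in the helper, along with the original effective ids being restored before it returns, since this applet keeps running setuid afterwards. I would extend the comment with a line such as `* xopen_as_uid_gid() opens with the caller's real ids and restores the effective ids before returning.` wall_main starts and ends outside the hunk.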