[2824] in Kerberos-V5-bugs
krb5-libs/503: seteuid.c should not look for _POSIX_SAVED_IDS
daemon@ATHENA.MIT.EDU (evanc@synapse.net)
Sat Nov 22 14:59:05 1997
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, evanc@synapse.net
Date: 22 Nov 1997 19:56:36 -0000
From: evanc@synapse.net
To: krb5-bugs@MIT.EDU
Cc: evanc@synapse.net
>Number: 503
>Category: krb5-libs
>Synopsis: seteuid.c should not look for _POSIX_SAVED_IDS
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Nov 22 14:57:01 EST 1997
>Last-Modified:
>Originator: Evan Champion
>Organization:
>Release: krb5-1.0.2
>Environment:
System: BSD/OS conductor.synapse.net 3.1 BSDI BSD/OS 3.1 Kernel #0: Tue Oct 28 19:45:49 EST 1997 evanc@piano.synapse.net:/usr/src/sys/compile/CONDUCTOR i386
>Description:
lib/krb5util/seteuid.c should not be looking for _POSIX_SAVED_IDS.
This prevents seteuid() from being used on 4.4BSD systems, as none
of them define _POSIX_SAVED_IDS, and seteuid() is very often the
only set-effective-UID function that actually works. This is
definitely the case on all versions of BSD/OS.
Fix verified to not break anything on BSD/OS 3.1 and FreeBSD
3.0-current. I rather doubt it will break anything on other
platforms either.
>How-To-Repeat:
>Fix:
*** /home/evanc/1/krb5-1.0.3/src/lib/krb5util/seteuid.c Mon Nov 17 22:49:40 1997
--- src/lib/krb5util/seteuid.c Sat Nov 22 14:53:19 1997
***************
*** 38,44 ****
int euid_in;
{
uid_t euid = (uid_t) euid_in;
! #if defined(_POSIX_SAVED_IDS) && defined(HAVE_SETEUID)
return (seteuid(euid)) ;
#else
#if defined(HAVE_SETRESUID)
--- 38,44 ----
int euid_in;
{
uid_t euid = (uid_t) euid_in;
! #if defined(HAVE_SETEUID)
return (seteuid(euid)) ;
#else
#if defined(HAVE_SETRESUID)
>Audit-Trail:
>Unformatted:
