53 lines
1.3 KiB
Plaintext
53 lines
1.3 KiB
Plaintext
$OpenBSD: patch-kdesu_client_cpp,v 1.1 2002/04/08 21:28:02 espie Exp $
|
|
--- kdesu/client.cpp.orig Mon Apr 8 20:39:08 2002
|
|
+++ kdesu/client.cpp Mon Apr 8 20:49:44 2002
|
|
@@ -98,10 +98,27 @@ int KDEsuClient::connect()
|
|
return -1;
|
|
}
|
|
|
|
-#if !defined(SO_PEERCRED) || !defined(HAVE_STRUCT_UCRED)
|
|
-#ifdef __GNUC__
|
|
-#warning "Using sloppy security checks"
|
|
-#endif
|
|
+#if defined(__OpenBSD__)
|
|
+ {
|
|
+ uid_t euid;
|
|
+ gid_t egid;
|
|
+
|
|
+ // Security: if socket exists, we must own it
|
|
+ if (getpeereid(sockfd, &euid, &egid) == 0)
|
|
+ {
|
|
+ if (euid != getuid())
|
|
+ {
|
|
+ kdWarning(900) << "socket not owned by me! socket uid = " << euid << endl;
|
|
+ close(sockfd); sockfd = -1;
|
|
+ return -1;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+#else
|
|
+# if !defined(SO_PEERCRED) || !defined(HAVE_STRUCT_UCRED)
|
|
+# ifdef __GNUC__
|
|
+# warning "Using sloppy security checks"
|
|
+# endif
|
|
// We check the owner of the socket after we have connected.
|
|
// If the socket was somehow not ours an attacker will be able
|
|
// to delete it after we connect but shouldn't be able to
|
|
@@ -125,7 +142,7 @@ int KDEsuClient::connect()
|
|
close(sockfd); sockfd = -1;
|
|
return -1;
|
|
}
|
|
-#else
|
|
+# else
|
|
struct ucred cred;
|
|
socklen_t siz = sizeof(cred);
|
|
|
|
@@ -139,6 +156,7 @@ int KDEsuClient::connect()
|
|
return -1;
|
|
}
|
|
}
|
|
+# endif
|
|
#endif
|
|
|
|
return 0;
|