From f3ea91ef9652342d0b77377b2ebc71bff15588f9 Mon Sep 17 00:00:00 2001
From: Kris Kennaway <kris@FreeBSD.org>
Date: Sun, 30 Jan 2000 02:19:34 +0000
Subject: Drop privileges before executing user commands

Submitted by:	jedgar
---
 sysutils/ascpu/files/patch-sec01 | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 sysutils/ascpu/files/patch-sec01

(limited to 'sysutils/ascpu')

diff --git a/sysutils/ascpu/files/patch-sec01 b/sysutils/ascpu/files/patch-sec01
new file mode 100644
index 000000000000..d54a776f30a4
--- /dev/null
+++ b/sysutils/ascpu/files/patch-sec01
@@ -0,0 +1,21 @@
+--- ascpu_x.c.orig	Thu Dec 16 17:45:26 1999
++++ ascpu_x.c	Wed Dec 29 20:47:32 1999
+@@ -6,6 +6,7 @@
+  * This software is distributed under GPL. For details see LICENSE file.
+  */
+ 
++#include <sys/types.h>
+ #include <stdio.h>
+ #include <errno.h>
+ #include <fcntl.h>
+@@ -585,6 +586,10 @@
+ #ifdef DEBUG
+ 				printf("ascpu: system(%s)\n",Command);
+ #endif
++				if (setgid(getgid()) != 0)
++					err(1, "Can't drop setgid privileges");
++				if (setuid(getuid()) != 0)
++					err(1, "Can't drop setuid privileges");
+ 				system( Command );
+ 			}
+ 			break;
-- 
cgit v1.2.3