diff --git a/set_perms.c b/set_perms.c
index 428fd9864..d18c7147e 100644
--- a/set_perms.c
+++ b/set_perms.c
@@ -93,19 +93,20 @@ set_perms_posix(perm, sudo_mode)
 if (seteuid(0))
 fatal("seteuid(0)");
 break;
+
+ case PERM_FULL_ROOT:
+ /* headed for exec() */
+ (void) seteuid(0);
+ if (setuid(0))
+ fatal("setuid(0)");
+ break;
+
+
 case PERM_USER:
 (void) setegid(user_gid);
 if (seteuid(user_uid))
 fatal("seteuid(user_uid)");
 break;
- case PERM_FULL_USER:
- /* headed for exec() */
- (void) setgid(user_gid);
- if (setuid(user_uid))
- fatal("setuid(user_uid)");
- break;
-
 case PERM_RUNAS:
 /* headed for exec(), assume euid == 0 */
 runas_setup();
@@ -155,25 +156,18 @@ set_perms_fallback(perm, sudo_mode)
 int error;
 switch (perm) {
+ case PERM_FULL_ROOT:
 case PERM_ROOT:
 if (setuid(0))
 fatal("setuid(0)");
 break;
+
 case PERM_USER:
 (void) setegid(user_gid);
 if (setreuid(0, user_uid))
 fatal("setreuid(0, user_uid)");
 break;
- case PERM_FULL_USER:
- /* headed for exec() */
- (void) setgid(user_gid);
- if (setuid(user_uid)) {
- fatal("setuid(user_uid)");
- exit(1);
- }
- break;
-
 case PERM_RUNAS:
 /* headed for exec(), assume euid == 0 */
 runas_setup();
@@ -234,13 +228,6 @@ set_perms_fallback(perm, sudo_mode)
 fatal("seteuid(user_uid)");
 break;
- case PERM_FULL_USER:
- /* headed for exec() */
- (void) setgid(user_gid);
- if (setuid(user_uid))
- fatal("setuid(user_uid)");
- break;
-
 case PERM_RUNAS:
 /* headed for exec(), assume euid == 0 */
 runas_setup();
diff --git a/sudo.h b/sudo.h
index 062355ebd..2d45dbc48 100644
--- a/sudo.h
+++ b/sudo.h
@@ -111,8 +111,8 @@ struct sudo_user {
 * Used with set_perms()
 */
 #define PERM_ROOT 0x00
-#define PERM_USER 0x01
-#define PERM_FULL_USER 0x02
+#define PERM_FULL_ROOT 0x01
+#define PERM_USER 0x02
 #define PERM_SUDOERS 0x03
 #define PERM_RUNAS 0x04
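Review bot: In the new `PERM_FULL_ROOT` case of set_perms_posix the result of `seteuid(0)` is discarded with a `(void)` cast, while the `PERM_ROOT` case just above treats the same call as fatal on failure. The following `setuid(0)` check probably catches most failures, but where saved set-user-IDs are in use an unprivileged `setuid(0)` that succeeds changes only the effective uid, so this branch depends on the earlier call having worked before a transition marked `/* headed for exec() */`. I would check it the same way, `if (seteuid(0)) fatal("seteuid(0)");`, so a failure is reported at the call that failed. The switch starts and ends outside the hunk.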
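Review bot: The stacked label `case PERM_FULL_ROOT:` above `case PERM_ROOT:` carries no comment, so a reader cannot tell that treating the two modes identically is intended in this variant, where `PERM_ROOT` already calls `setuid(0)`. The posix variant marks its new case `/* headed for exec() */`; a matching line here, such as `/* PERM_FULL_ROOT needs nothing extra: PERM_ROOT already calls setuid(0) */`, would make that explicit. The function body starts and ends outside the hunk.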
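Review bot: No `case PERM_FULL_ROOT:` is added to this switch: the hunk only deletes `PERM_FULL_USER`, and the diff shows no other change near it, whereas the two earlier switches both gain the new case. The hunk header names set_perms_fallback for this and the previous hunk, so this looks like a separate variant of the function, though its opening lines and any `default:` label are outside the hunk. If the switch has no default, a request for `PERM_FULL_ROOT` would return without changing any IDs and the caller would continue towards exec() in whatever state it already had. Suggest adding `case PERM_FULL_ROOT:` next to this variant's root case, or a `default:` that calls `fatal()` on an unknown perm value.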
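Review bot: The constants are renumbered rather than extended, so `0x01` changes meaning from `PERM_USER` to `PERM_FULL_ROOT`, and nothing in the header says how `PERM_ROOT` and `PERM_FULL_ROOT` differ. A short comment on each define would help, for example `#define PERM_FULL_ROOT 0x01 /* setuid(0), headed for exec() */`, wording taken from the comment in set_perms.c. It would also be worth confirming that every set_perms() variant handles the full set of values, since an unhandled value presumably falls through the switch silently.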