isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

need to setuid(0) to make kerb4 stuff work.

Browse Source
This commit is contained in:
Todd C. Miller
1995-06-17 22:24:11 +00:00
parent c56b2c4469
commit a7c2a548a2
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
check.c
View File

@@ -581,7 +581,11 @@ int sudo_krb_validate_user(user, pass)
(void) sprintf(tkfile, "%s/tkt%d", _PATH_SUDO_TIMEDIR, uid); (void) sprintf(tkfile, "%s/tkt%d", _PATH_SUDO_TIMEDIR, uid);
(void) krb_set_tkt_string(tkfile); (void) krb_set_tkt_string(tkfile);
/* Update the ticket if password is ok */ /*
* Update the ticket if password is ok. Kerb4 expects
* the ruid and euid to be the same here so we setuid to root.
*/
set_perms(PERM_ROOT);
k_errno = krb_get_pw_in_tkt(user, "", realm, "krbtgt", realm, k_errno = krb_get_pw_in_tkt(user, "", realm, "krbtgt", realm,
DEFAULT_TKT_LIFE, pass); DEFAULT_TKT_LIFE, pass);
@@ -595,6 +599,9 @@ int sudo_krb_validate_user(user, pass)
(void) fprintf(stderr, "Warning: Kerberos error: %s\n", (void) fprintf(stderr, "Warning: Kerberos error: %s\n",
krb_err_txt[k_errno]); krb_err_txt[k_errno]);
/* done with rootly stuff */
set_perms(PERM_USER);
return(!(k_errno == INTK_OK)); return(!(k_errno == INTK_OK));
} }
#endif /* HAVE_KERB4 */ #endif /* HAVE_KERB4 */