diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/euidaccess.c | 7 | ||||
| -rw-r--r-- | lib/pt_chown.c | 6 | ||||
| -rw-r--r-- | lib/root-uid.h | 30 | ||||
| -rw-r--r-- | lib/unlinkdir.c | 3 | ||||
| -rw-r--r-- | lib/write-any-file.c | 3 |
5 files changed, 43 insertions, 6 deletions
diff --git a/lib/euidaccess.c b/lib/euidaccess.c index a0c2b37305..ca2ceca5d2 100644 --- a/lib/euidaccess.c +++ b/lib/euidaccess.c @@ -30,6 +30,8 @@ #include <sys/stat.h> #include <unistd.h> +#include "root-uid.h" + #if HAVE_LIBGEN_H # include <libgen.h> #endif @@ -140,8 +142,9 @@ euidaccess (const char *file, int mode) /* The super-user can read and write any file, and execute any file that anyone can execute. */ - if (euid == 0 && ((mode & X_OK) == 0 - || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))) + if (euid == ROOT_UID + && ((mode & X_OK) == 0 + || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))) return 0; /* Convert the mode to traditional form, clearing any bogus bits. */ diff --git a/lib/pt_chown.c b/lib/pt_chown.c index c55f43d203..466e1771e8 100644 --- a/lib/pt_chown.c +++ b/lib/pt_chown.c @@ -25,6 +25,8 @@ #include <sys/stat.h> #include <unistd.h> +#include "root-uid.h" + #include "pty-private.h" /* For security reasons, we try to minimize the dependencies on libraries @@ -75,7 +77,7 @@ main (int argc, char *argv[]) { uid_t euid = geteuid (); - if (argc == 1 && euid == 0) + if (argc == 1 && euid == ROOT_UID) { /* Normal invocation of this program is with no arguments and with privileges. */ @@ -152,7 +154,7 @@ main (int argc, char *argv[]) } /* Check if we are properly installed. */ - if (euid != 0) + if (euid != ROOT_UID) { fprintf (stderr, "pt_chown: needs to be installed setuid 'root'\n"); return FAIL_EXEC; diff --git a/lib/root-uid.h b/lib/root-uid.h new file mode 100644 index 0000000000..2379773c29 --- /dev/null +++ b/lib/root-uid.h @@ -0,0 +1,30 @@ +/* The user ID that always has appropriate privileges in the POSIX sense. + + Copyright 2012 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + + Written by Paul Eggert. */ + +#ifndef ROOT_UID_H_ +#define ROOT_UID_H_ + +/* The user ID that always has appropriate privileges in the POSIX sense. */ +#ifdef __TANDEM +# define ROOT_UID 65535 +#else +# define ROOT_UID 0 +#endif + +#endif diff --git a/lib/unlinkdir.c b/lib/unlinkdir.c index f991a2fc41..24b84f1c96 100644 --- a/lib/unlinkdir.c +++ b/lib/unlinkdir.c @@ -21,6 +21,7 @@ #include "unlinkdir.h" #include "priv-set.h" +#include "root-uid.h" #include <unistd.h> #if ! UNLINK_CANNOT_UNLINK_DIR @@ -43,7 +44,7 @@ cannot_unlink_dir (void) cannot = (priv_set_ismember (PRIV_SYS_LINKDIR) == 0); # else /* In traditional Unix, only root can unlink directories. */ - cannot = (geteuid () != 0); + cannot = (geteuid () != ROOT_UID); # endif initialized = true; } diff --git a/lib/write-any-file.c b/lib/write-any-file.c index 742c257038..f6b574df63 100644 --- a/lib/write-any-file.c +++ b/lib/write-any-file.c @@ -21,6 +21,7 @@ #include "write-any-file.h" #include "priv-set.h" +#include "root-uid.h" #include <unistd.h> @@ -40,7 +41,7 @@ can_write_any_file (void) can = (priv_set_ismember (PRIV_FILE_DAC_WRITE) == 1); #else /* In traditional Unix, only root can unlink directories. */ - can = (geteuid () == 0); + can = (geteuid () == ROOT_UID); #endif can_write = can; initialized = true; |