- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since

it does the right thing on all platforms. ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2004-08-15 17:23:34 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2004-08-15 17:23:34 +1000
commit: 25f60a7ee780c2cd4a01e05698149d274821012f (patch)
tree: 2fbe10fb72d4e1037dbadf1196dfba4062de299d /ssh-keysign.c
parent: 397a2f2612901785d8290a90ae9aa59efb422c92 (diff)
download: openssh-git-25f60a7ee780c2cd4a01e05698149d274821012f.tar.gz
1 files changed, 6 insertions, 6 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c
index cf8b0c2d..51765579 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -41,6 +41,7 @@ RCSID("$OpenBSD: ssh-keysign.c,v 1.16 2004/04/18 23:10:26 djm Exp $");
 #include "canohost.h"
 #include "pathnames.h"
 #include "readconf.h"
+#include "uidswap.h"
 
 /* XXX readconf.c needs these */
 uid_t original_real_uid;
@@ -150,8 +151,11 @@ main(int argc, char **argv)
 	key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
 	key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
 
-	seteuid(getuid());
-	setuid(getuid());
+	if ((pw = getpwuid(getuid())) == NULL)
+		fatal("getpwuid failed");
+	pw = pwcopy(pw);
+
+	permanently_set_uid(pw);
 
 	init_rng();
 	seed_rng();
@@ -173,10 +177,6 @@ main(int argc, char **argv)
 	if (key_fd[0] == -1 && key_fd[1] == -1)
 		fatal("could not open any host key");
 
-	if ((pw = getpwuid(getuid())) == NULL)
-		fatal("getpwuid failed");
-	pw = pwcopy(pw);
-
 	SSLeay_add_all_algorithms();
 	for (i = 0; i < 256; i++)
 		rnd[i] = arc4random();
author	Darren Tucker <dtucker@zip.com.au>	2004-08-15 17:23:34 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2004-08-15 17:23:34 +1000
commit	25f60a7ee780c2cd4a01e05698149d274821012f (patch)
tree	2fbe10fb72d4e1037dbadf1196dfba4062de299d /ssh-keysign.c
parent	397a2f2612901785d8290a90ae9aa59efb422c92 (diff)
download	openssh-git-25f60a7ee780c2cd4a01e05698149d274821012f.tar.gz