1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Parionia to ensure people don't install libsmb based programs setuid root.

libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing
all sort of fun and games.

Andrew Bartlett
(This used to be commit 0c8e9339d8)
This commit is contained in:
Andrew Bartlett 2001-10-31 01:52:34 +00:00
parent 1f829e19eb
commit 2fc8e32ad3
3 changed files with 15 additions and 1 deletions

View File

@ -413,3 +413,11 @@ main()
exit(0);
}
#endif
/****************************************************************************
Check if we are setuid root. Used in libsmb and smbpasswd parinoia checks.
****************************************************************************/
BOOL is_setuid_root(void)
{
return (geteuid() == (uid_t)0) && (getuid() != (uid_t)0);
}

View File

@ -154,6 +154,12 @@ struct cli_state *cli_initialise(struct cli_state *cli)
{
BOOL alloced_cli = False;
/* Check the effective uid - make sure we are not setuid */
if (is_setuid_root()) {
DEBUG(0,("libsmb based programs must *NOT* be setuid root.\n"));
return NULL;
}
if (!cli) {
cli = (struct cli_state *)malloc(sizeof(*cli));
if (!cli)

View File

@ -933,7 +933,7 @@ int main(int argc, char **argv)
strupper(global_myname);
/* Check the effective uid - make sure we are not setuid */
if ((geteuid() == (uid_t)0) && (getuid() != (uid_t)0)) {
if (is_setuid_root()) {
fprintf(stderr, "smbpasswd must *NOT* be setuid root.\n");
exit(1);
}