blob: ca9e28eb7083347dedadfc0422670bc4bf90e3fa [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001/*
Damien Miller95def091999-11-25 00:26:21 +11002 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 * Created: Sat Sep 9 01:56:14 1995 ylo
6 * Code for uid-swapping.
7 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +10008
9#include "includes.h"
Damien Milleree1c0b32000-01-21 00:18:15 +110010RCSID("$Id: uidswap.c,v 1.4 2000/01/20 13:18:16 damien Exp $");
Damien Millerd4a8b7e1999-10-27 13:42:43 +100011
12#include "ssh.h"
13#include "uidswap.h"
14
Damien Miller95def091999-11-25 00:26:21 +110015/*
16 * Note: all these functions must work in all of the following cases:
17 * 1. euid=0, ruid=0
18 * 2. euid=0, ruid!=0
19 * 3. euid!=0, ruid!=0
20 * Additionally, they must work regardless of whether the system has
21 * POSIX saved uids or not.
22 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100023
24#ifdef _POSIX_SAVED_IDS
25/* Lets assume that posix saved ids also work with seteuid, even though that
26 is not part of the posix specification. */
27#define SAVED_IDS_WORK_WITH_SETEUID
Damien Millerd4a8b7e1999-10-27 13:42:43 +100028
29/* Saved effective uid. */
30static uid_t saved_euid = 0;
31
Damien Milleree1c0b32000-01-21 00:18:15 +110032#endif /* _POSIX_SAVED_IDS */
33
Damien Miller95def091999-11-25 00:26:21 +110034/*
35 * Temporarily changes to the given uid. If the effective user
36 * id is not root, this does nothing. This call cannot be nested.
37 */
38void
39temporarily_use_uid(uid_t uid)
Damien Millerd4a8b7e1999-10-27 13:42:43 +100040{
41#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller95def091999-11-25 00:26:21 +110042 /* Save the current euid. */
43 saved_euid = geteuid();
Damien Millerd4a8b7e1999-10-27 13:42:43 +100044
Damien Miller95def091999-11-25 00:26:21 +110045 /* Set the effective uid to the given (unprivileged) uid. */
46 if (seteuid(uid) == -1)
47 debug("seteuid %d: %.100s", (int) uid, strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +100048#else /* SAVED_IDS_WORK_WITH_SETUID */
Damien Miller95def091999-11-25 00:26:21 +110049 /* Propagate the privileged uid to all of our uids. */
50 if (setuid(geteuid()) < 0)
51 debug("setuid %d: %.100s", (int) geteuid(), strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +100052
Damien Miller95def091999-11-25 00:26:21 +110053 /* Set the effective uid to the given (unprivileged) uid. */
54 if (seteuid(uid) == -1)
55 debug("seteuid %d: %.100s", (int) uid, strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +100056#endif /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100057}
58
Damien Miller95def091999-11-25 00:26:21 +110059/*
60 * Restores to the original uid.
61 */
62void
63restore_uid()
Damien Millerd4a8b7e1999-10-27 13:42:43 +100064{
65#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller95def091999-11-25 00:26:21 +110066 /* Set the effective uid back to the saved uid. */
67 if (seteuid(saved_euid) < 0)
68 debug("seteuid %d: %.100s", (int) saved_euid, strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +100069#else /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Miller5428f641999-11-25 11:54:57 +110070 /*
71 * We are unable to restore the real uid to its unprivileged value.
72 * Propagate the real uid (usually more privileged) to effective uid
73 * as well.
74 */
Damien Miller95def091999-11-25 00:26:21 +110075 setuid(getuid());
Damien Millerd4a8b7e1999-10-27 13:42:43 +100076#endif /* SAVED_IDS_WORK_WITH_SETEUID */
77}
78
Damien Miller95def091999-11-25 00:26:21 +110079/*
80 * Permanently sets all uids to the given uid. This cannot be
81 * called while temporarily_use_uid is effective.
82 */
83void
84permanently_set_uid(uid_t uid)
Damien Millerd4a8b7e1999-10-27 13:42:43 +100085{
Damien Miller95def091999-11-25 00:26:21 +110086 if (setuid(uid) < 0)
87 debug("setuid %d: %.100s", (int) uid, strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +100088}