From ee3d4021aaaeacff7cf2addcdaa48859fffba2aa Mon Sep 17 00:00:00 2001

From: Andreas Schwab <schwab@redhat.com>

Date: Thu, 3 Feb 2011 15:45:02 +0100

Subject: [PATCH] Replace setuid by file capabilities

* login/programs/pt_chown.c (main): Check for valid file

descriptor instead of privileges.  Be careful to drop all

capabilities when not needed.

---

 ChangeLog                 |    6 ++++++

 login/programs/pt_chown.c |   14 +++++++++-----

 3 files changed, 16 insertions(+), 6 deletions(-)

--- a/login/programs/pt_chown.c

+++ b/login/programs/pt_chown.c

@@ -28,6 +28,7 @@

 #include <string.h>

 #include <sys/stat.h>

 #include <unistd.h>

+#include <fcntl.h>

 #ifdef HAVE_LIBCAP

 # include <sys/capability.h>

 # include <sys/prctl.h>

@@ -142,7 +143,7 @@ main (int argc, char *argv[])

   uid_t uid = getuid ();

   int remaining;

-  if (argc == 1 && euid == 0)

+  if (argc == 1 && fcntl (PTY_FILENO, F_GETFD) == 0)

     {

 #ifdef HAVE_LIBCAP

   /* Drop privileges.  */

@@ -175,6 +176,13 @@ main (int argc, char *argv[])

   /* We aren't going to be using privileges, so drop them right now. */

   setuid (uid);

+#ifdef HAVE_LIBCAP

+  cap_t caps = cap_init ();

+  if (caps == NULL)

+    error (1, errno, "cap_init");

+  cap_set_proc (caps);

+  cap_free (caps);

+#endif

   /* Set locale via LC_ALL.  */

   setlocale (LC_ALL, "");

@@ -194,9 +202,5 @@ main (int argc, char *argv[])

       return EXIT_FAILURE;

     }

-  /* Check if we are properly installed.  */

-  if (euid != 0)

-    error (FAIL_EXEC, 0, gettext ("needs to be installed setuid `root'"));

-

   return EXIT_SUCCESS;

 }