More secure setgroups functions. (thanks muh)

5 files changed, 21 insertions, 5 deletions

diff --git a/AUTHORS b/AUTHORS
index 4976391..286a0cc 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -25,3 +25,4 @@ Thanks to:
   Roman I Khimov <khimov@altell.ru>
   Yannick Duchêne <yannick_duchene@yahoo.fr
   Martin Misuth <et.code@ethome.sk>
+  Michael Zuo <muh.muhten@gmail.com>
diff --git a/package/deps.mak b/package/deps.mak
index 99611a2..372f806 100644
--- a/package/deps.mak
+++ b/package/deps.mak
@@ -430,7 +430,7 @@ src/libstddjb/pathexec_run.o src/libstddjb/pathexec_run.lo: src/libstddjb/pathex
 src/libstddjb/pipe_internal.o src/libstddjb/pipe_internal.lo: src/libstddjb/pipe_internal.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/sysdeps.h
 src/libstddjb/prog.o src/libstddjb/prog.lo: src/libstddjb/prog.c src/include/skalibs/strerr2.h
 src/libstddjb/prot.o src/libstddjb/prot.lo: src/libstddjb/prot.c src/include/skalibs/djbunix.h
-src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/setgroups.h
+src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/setgroups.h
 src/libstddjb/prot_readgroups.o src/libstddjb/prot_readgroups.lo: src/libstddjb/prot_readgroups.c src/include/skalibs/djbunix.h
 src/libstddjb/rm_rf.o src/libstddjb/rm_rf.lo: src/libstddjb/rm_rf.c src/include/skalibs/djbunix.h src/include/skalibs/skamisc.h
 src/libstddjb/rm_rf_in_tmp.o src/libstddjb/rm_rf_in_tmp.lo: src/libstddjb/rm_rf_in_tmp.c src/include/skalibs/direntry.h src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h
diff --git a/src/include/skalibs/setgroups.h b/src/include/skalibs/setgroups.h
index fab0614..98998e0 100644
--- a/src/include/skalibs/setgroups.h
+++ b/src/include/skalibs/setgroups.h
@@ -9,6 +9,7 @@
 
 #include <unistd.h>
 
+extern int setgroups_and_gid (gid_t, size_t, gid_t const *) ;
 extern int setgroups_with_egid (size_t, gid_t const *) ;
 extern int skalibs_setgroups (size_t, gid_t const *) ;
 
diff --git a/src/libstddjb/prot_grps.c b/src/libstddjb/prot_grps.c
index cc4ba0d..c5ea35b 100644
--- a/src/libstddjb/prot_grps.c
+++ b/src/libstddjb/prot_grps.c
@@ -2,16 +2,26 @@
 
 /* MT-unsafe */
 
-#include <skalibs/nonposix.h>
 #include <unistd.h>
+#include <pwd.h>
 #include <grp.h>
 #include <limits.h>
+#include <errno.h>
 #include <skalibs/setgroups.h>
 #include <skalibs/djbunix.h>
 
 int prot_grps (char const *name)
 {
   gid_t tab[NGROUPS_MAX] ;
+  struct passwd *pw ;
   int n = prot_readgroups(name, tab, NGROUPS_MAX) ;
-  return n < 0 ? -1 : setgroups(n, tab) ;
+  if (n < 0) return n ;
+  errno = 0 ;
+  pw = getpwnam(name) ;
+  if (!pw)
+  {
+    if (!errno) errno = ENOENT ;
+    return -1 ;
+  }
+  return setgroups_and_gid(pw->pw_gid, n, tab) ;
 }
diff --git a/src/libstddjb/setgroups.c b/src/libstddjb/setgroups.c
index c7610ab..d064ed2 100644
--- a/src/libstddjb/setgroups.c
+++ b/src/libstddjb/setgroups.c
@@ -10,10 +10,9 @@
 #include <grp.h>
 #include <skalibs/setgroups.h>
 
-int setgroups_with_egid (size_t n, gid_t const *tab)
+int setgroups_and_gid (gid_t g, size_t n, gid_t const *tab)
 {
   size_t i = 1 ;
-  gid_t g = getegid() ;
   if (!n) return setgroups(1, &g) ;
   if (tab[0] == g) return setgroups(n, tab) ;
   for (; i < n ; i++) if (tab[i] == g) break ;
@@ -34,6 +33,11 @@ int setgroups_with_egid (size_t n, gid_t const *tab)
   }
 }
 
+int setgroups_with_egid (size_t n, gid_t const *tab)
+{
+  return setgroups_and_gid(getegid(), n, tab) ;
+}
+
 int skalibs_setgroups (size_t n, gid_t const *tab)
 {
 #ifdef SKALIBS_BSD_SUCKS