| 12345678910111213141516171819202122232425262728293031323334353637 |
- --- busybox-1.4.0/applets/applets.c Fri Jan 19 22:23:11 2007
- +++ busybox-1.4.0-conf/applets/applets.c Wed Jan 24 10:15:49 2007
- @@ -340,20 +340,26 @@
- if (sct) {
- mode_t m = sct->m_mode;
-
- - if (sct->m_uid == ruid) /* same uid */
- + if (sct->m_uid == ruid)
- + /* same uid */
- m >>= 6;
- - else if ((sct->m_gid == rgid) || ingroup(ruid, sct->m_gid)) /* same group / in group */
- + else if ((sct->m_gid == rgid) || ingroup(ruid, sct->m_gid))
- + /* same group / in group */
- m >>= 3;
-
- if (!(m & S_IXOTH)) /* is x bit not set ? */
- bb_error_msg_and_die("you have no permission to run this applet!");
-
- - if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { /* *both* have to be set for sgid */
- - xsetgid(sct->m_gid);
- - } else xsetgid(rgid); /* no sgid -> drop */
- -
- - if (sct->m_mode & S_ISUID) xsetuid(sct->m_uid);
- - else xsetuid(ruid); /* no suid -> drop */
- + if (sct->m_gid != 0) {
- + /* _both_ have to be set for sgid */
- + if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
- + xsetgid(sct->m_gid);
- + } else xsetgid(rgid); /* no sgid -> drop */
- + }
- + if (sct->m_uid != 0) {
- + if (sct->m_mode & S_ISUID) xsetuid(sct->m_uid);
- + else xsetuid(ruid); /* no suid -> drop */
- + }
- } else {
- /* default: drop all privileges */
- xsetgid(rgid);
|
