diff options
| author | David E. O'Brien <obrien@FreeBSD.org> | 1999-05-08 00:46:06 +0000 |
|---|---|---|
| committer | David E. O'Brien <obrien@FreeBSD.org> | 1999-05-08 00:46:06 +0000 |
| commit | dd5288f3a5158d3e9723d8accf000943cd2b2905 (patch) | |
| tree | 8b55bb3733a61eae9fb9c8cee25b18baa47adda8 /usr.bin/finger/finger.c | |
| parent | f66190fa14230b3cfd16305cc726564392af4c34 (diff) | |
Impliment elements of TCP Wrappers's `safe_finger'.
* if run by root (or root process) drop privs
* ensure output size is not infinate (net finger only)
* ensure output lines are not infinate in length (net finger only)
* do not allow finger client to run longer than 3 minutes (net finger only)
Notes
Notes:
svn path=/head/; revision=46662
Diffstat (limited to 'usr.bin/finger/finger.c')
| -rw-r--r-- | usr.bin/finger/finger.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/usr.bin/finger/finger.c b/usr.bin/finger/finger.c index 091ac1675798..8a2cb2b39d19 100644 --- a/usr.bin/finger/finger.c +++ b/usr.bin/finger/finger.c @@ -55,7 +55,7 @@ static char copyright[] = static char sccsid[] = "@(#)finger.c 8.5 (Berkeley) 5/4/95"; #else static const char rcsid[] = - "$Id$"; + "$Id: finger.c,v 1.12 1997/07/02 06:34:48 charnier Exp $"; #endif #endif /* not lint */ @@ -154,6 +154,17 @@ main(argc, argv) { int envargc, argcnt; char *envargv[3]; + struct passwd *pw; + + if (getuid() == 0 || geteuid() == 0) { + if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) { + setgid(pw->pw_gid); + setuid(pw->pw_uid); + } else { + setgid(UNPRIV_UGID); + setuid(UNPRIV_UGID); + } + } (void) setlocale(LC_ALL, ""); |