From b8ac29e80fde7fa02aad16807b18e291eddf3602 Mon Sep 17 00:00:00 2001 From: Karel Zak Date: Mon, 22 Oct 2012 13:13:02 +0200 Subject: login: fix compiler warning [-Wunused-result] It's probably unnecessary paranoia, but let's check if we're able to restore the original IDs after ~/.hushlogin file check. Signed-off-by: Karel Zak --- login-utils/login.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'login-utils/login.c') diff --git a/login-utils/login.c b/login-utils/login.c index f37718753..53df1345a 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -1031,13 +1031,17 @@ static int get_hushlogin_status(struct passwd *pwd) gid_t egid = getegid(); sprintf(buf, "%s/%s", pwd->pw_dir, file); - setregid(-1, pwd->pw_gid); - setreuid(0, pwd->pw_uid); - ok = effective_access(buf, O_RDONLY) == 0; - setuid(0); /* setreuid doesn't do it alone! */ - setreuid(ruid, 0); - setregid(-1, egid); + if (setregid(-1, pwd->pw_gid) == 0 && + setreuid(0, pwd->pw_uid) == 0) + ok = effective_access(buf, O_RDONLY) == 0; + + if (setuid(0) != 0 || + setreuid(ruid, 0) != 0 || + setregid(-1, egid) != 0) { + syslog(LOG_ALERT, _("hush login status: restore original IDs failed")); + exit(EXIT_FAILURE); + } if (ok) return 1; /* enabled by user */ } -- cgit v1.2.3-55-g7522