From 8843aa41a74b4d3b3dc69fee339d2e64cb5c778f Mon Sep 17 00:00:00 2001
From: Sami Kerola
Date: Tue, 2 Feb 2016 13:40:10 +0000
Subject: swapon: do not run execvp() calls when swapon is setuid binary

swapon(8) is not expected to be setuid binary, but if it is try to avoid
obvious security vulnerability of executing user preferred mkswap file as
someone else, such as root.

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
---
 sys-utils/swapon.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'sys-utils/swapon.c')

diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
index 5ad5cd1f3..be8f7718b 100644
--- a/sys-utils/swapon.c
+++ b/sys-utils/swapon.c
@@ -297,6 +297,10 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
 	char const *cmd[7];
 	int idx=0;
 
+	if (geteuid() != getuid()) {
+		warnx(_("will not execute mkswap when swapon is setuid binary"));
+		return -1;
+	}
 	warnx(_("%s: reinitializing the swap."), ctl->device);
 
 	switch((pid=fork())) {
-- 
cgit v1.2.3-55-g7522