HomeFreeBSD
Diffusion FreeBSD src repository 1501ecebf5af

comsat: Improve use of setuid()
1501ecebf5af
Actions

Description

comsat: Improve use of setuid()

Just return from jkfprintf if either (a) user lookup fails (that is,
getpwnam fails) or (b) setuid() to the user's uid fails. If comsat is
invoked from inetd using the default of tty:tty we will now return due
to setuid() failing rather than fopen() failing.

PR: 270404
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47823

(cherry picked from commit 062b69ba045dc0fef3d9b8d73365d2798c05a480)

comsat: Use initgroups and setgid not just setuid

PR: 270404
Reviewed by: jlduran
Obtained from: NetBSD
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47828

(cherry picked from commit d4dd9e22c13896e6b5e2a6fc78dad4f8496cc14d)

comsat: move uid/gid setting earlier

It's good to reduce privilege as early as possible.

Suggested by: jlduran
Reviewed by: jlduran
Obtained from: NetBSD
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47869

(cherry picked from commit 91629228e3df14997df12ffc6e7be6b9964e5463)

Details

Provenance
emasteAuthored on Nov 27 2024, 8:36 PM
desCommitted on Aug 5 2025, 11:52 AM
Reviewer
kevans
Differential Revision
Restricted Differential Revision
Parents
rG39bc7081b8a9: xargs: Limit -n to {ARG_MAX}
Branches
Unknown
Tags
Unknown

Event Timeline

des committed rG1501ecebf5af: comsat: Improve use of setuid() (authored by emaste).Aug 5 2025, 11:52 AM
des added an edge: Restricted Differential Revision.

Changes (1)

PathSize
libexec/
comsat/

rG1501ecebf5af

View Options

libexec/comsat/comsat.c

Loading...