diff options
author | Miles Bader <miles@gnu.org> | 1997-04-25 17:39:43 +0000 |
---|---|---|
committer | Miles Bader <miles@gnu.org> | 1997-04-25 17:39:43 +0000 |
commit | e8663a527d3cf72e84ebc04b0d71e70603f91bd5 (patch) | |
tree | a5d50318ab704de58762eaa52f54ff6bc3c94c1d | |
parent | c1da226161fc994c977c2bcf47d214f9bee4ee28 (diff) |
(main):
Use the parent process's auth port instead of the hurdids process's, because
hurdids is usually installed setuid.
-rw-r--r-- | utils/hurdids.c | 49 |
1 files changed, 28 insertions, 21 deletions
diff --git a/utils/hurdids.c b/utils/hurdids.c index 39dee9d1..64c1daa4 100644 --- a/utils/hurdids.c +++ b/utils/hurdids.c @@ -53,6 +53,8 @@ void main(int argc, char *argv[]) { error_t err; + task_t task; + mach_port_t msgport; int pid = -1; auth_t auth = getauth (); process_t proc = getproc (); @@ -152,27 +154,32 @@ main(int argc, char *argv[]) if (! show_names && ! show_ids) show_names = show_ids = 1; - if (pid >= 0) - /* Get the auth port from PID instead of using our own. */ - { - mach_port_t msgport; - task_t task; - - err = proc_getmsgport (proc, pid, &msgport); - if (err) - error (5, err, "%d: Cannot get process msgport", pid); - - err = proc_pid2task (proc, pid, &task); - if (err) - err = msg_get_init_port (msgport, auth, INIT_PORT_AUTH, &auth); - else - err = msg_get_init_port (msgport, task, INIT_PORT_AUTH, &auth); - if (err) - error (6, err, "%d: Cannot get process authentication", pid); - - mach_port_deallocate (mach_task_self (), msgport); - mach_port_deallocate (mach_task_self (), task); - } + if (pid < 0) + /* We get our parent's authentication instead of our own because this + program is usually installed setuid. This should work even if it's + not installed setuid, using the auth port as authentication to the + msg_get_init_port rpc. */ + pid = getppid (); + + /* Get a msgport for PID, to which we can send requests. */ + err = proc_getmsgport (proc, pid, &msgport); + if (err) + error (5, err, "%d: Cannot get process msgport", pid); + + /* Try to get the task port to use as authentication. */ + err = proc_pid2task (proc, pid, &task); + + /* Now fetch the auth port; if we couldn't get the task port to use for + authentication, we try the (old) auth port instead. */ + if (err) + err = msg_get_init_port (msgport, auth, INIT_PORT_AUTH, &auth); + else + err = msg_get_init_port (msgport, task, INIT_PORT_AUTH, &auth); + if (err) + error (6, err, "%d: Cannot get process authentication", pid); + + mach_port_deallocate (mach_task_self (), msgport); + mach_port_deallocate (mach_task_self (), task); /* Get the ids that AUTH represents. */ err = idvec_merge_auth (&euids, &auids, &egids, &agids, auth); |