security/mit-krb5/patches/patch-as


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

$NetBSD: patch-as,v 1.1 2006/08/09 17:31:10 salo Exp $

Security fix for SA21402.

--- lib/krb4/kuserok.c.orig	2003-03-05 04:38:51.000000000 +0100
+++ lib/krb4/kuserok.c	2006-08-09 18:52:53.000000000 +0200
@@ -159,9 +159,11 @@ kuserok(kdata, luser)
 	 */
         if(getuid() == 0) {
 	  uid_t old_euid = geteuid();
-	  seteuid(pwd->pw_uid);
+	  if (seteuid(pwd->pw_uid) < 0)
+	      return NOTOK;
 	  fp = fopen(pbuf, "r");
-	  seteuid(old_euid);	  
+	  if (seteuid(old_euid) < 0)
+	      return NOTOK;
 	  if ((fp) == NULL) {
 	    return(NOTOK);
 	  }