>From d8f54230f344c92f2120230dc24ac9c5d6672da9 Mon Sep 17 00:00:00 2001 From: "Yuriy M. Kaminskiy" Date: Wed, 2 Jan 2013 01:53:39 +0400 Subject: [PATCH 4/7] arping, ping_common: reset euid before permanent drop setuid drop saved uid only if euid is 0 --- arping.c | 4 ++++ ping_common.c | 4 ++++ 2 files changed, 8 insertions(+), 0 deletions(-) diff --git a/arping.c b/arping.c index a35fafd..0033f33 100644 --- a/arping.c +++ b/arping.c @@ -269,6 +269,10 @@ void drop_capabilities(void) cap_free(cap_p); #else + if (seteuid(euid)) { + perror("arping: setuid"); + return -1; + } if (setuid(getuid()) < 0) { perror("arping: setuid"); exit(-1); diff --git a/ping_common.c b/ping_common.c index 12c87a4..39b2c74 100644 --- a/ping_common.c +++ b/ping_common.c @@ -199,6 +199,10 @@ void drop_capabilities(void) } cap_free(cap); #else + if (seteuid(euid)) { + perror("seteuid"); + exit(-1); + } if (setuid(getuid())) { perror("ping: setuid"); exit(-1); -- 1.7.6.3