Re: [PATCHv2 2/2] pt_chown: break gnulib link dependency

[Bruno Haible]

Eric,

> diff --git a/lib/pt_chown.c b/lib/pt_chown.c
> index ccc04fd..f654b2d 100644
> --- a/lib/pt_chown.c
> +++ b/lib/pt_chown.c
> @@ -30,22 +30,18 @@
> 
>  static int
> -do_pt_chown (void)
> +do_pt_chown (char *pty)
>  {
> -  char *pty;
>    struct stat st;
>    struct group *p;
>    gid_t gid;
> 
> -  /* Check that PTY_FILENO is a valid master pseudo terminal.  */
> -  pty = ptsname (PTY_FILENO);
> -  if (pty == NULL)
> -    return errno == EBADF ? FAIL_EBADF : FAIL_EINVAL;
> -
>    /* Check that the returned slave pseudo terminal is a
>       character device.  */
>    if (stat (pty, &st) < 0 || !S_ISCHR (st.st_mode))
> @@ -75,11 +71,11 @@ main (int argc, char *argv[])
>  {
>    uid_t euid = geteuid ();
> 
> -  if (argc == 1 && euid == 0)
> +  if (argc == 2 && argv[1][0] != '-' && euid == 0)
>      {
>        /* Normal invocation of this program is with no arguments and
>           with privileges.  */
> -      return do_pt_chown ();
> +      return do_pt_chown (argv[1]);
>      }
> 
>    /* It would be possible to drop setuid/setgid privileges here.  But it is 
> not
> @@ -123,11 +119,11 @@ main (int argc, char *argv[])
> 
>      if (do_help)
>        {
> -        printf ("Usage: pt_chown [OPTION...]\n");
> +        printf ("Usage: pt_chown [OPTION...] PTSNAME\n");

With this patch, 'pt_chown' would be a setuid-root executable that changes
the group id of the file passed as argument, and the only restriction would
be that it must be a character device. On Linux, this would include
/dev/audio, /dev/mixer (sound devices), /dev/fb0 (the framebuffer console),
/dev/nvram, and /dev/ttyS0 (serial connections). Malicious people can
certainly find ways to damage a system by using such a program. Therefore
such a program is a no-no, for security reasons.

Bruno
-- 
In memoriam Eduard Brücklmeier <http://en.wikipedia.org/wiki/Eduard_Brücklmeier>