X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=common-src%2Fpipespawn.c;h=3574acc05cca24b248195a09462bf81f7ed778f4;hb=HEAD;hp=28f342bdc18f5a6e7564bde5a9a1f016c11018fc;hpb=afaa71b3866b46b082b6c895772e15b36d8865fe;p=debian%2Famanda

diff --git a/common-src/pipespawn.c b/common-src/pipespawn.c
index 28f342b..3574acc 100644
--- a/common-src/pipespawn.c
+++ b/common-src/pipespawn.c
@@ -81,7 +81,6 @@ pipespawnv_passwd(
     int *	stderrfd,
     char **	my_argv)
 {
-    int argc;
     pid_t pid;
     int i, inpipe[2], outpipe[2], errpipe[2], passwdpipe[2];
     char number[NUM_STR_SIZE];
@@ -101,17 +100,14 @@ pipespawnv_passwd(
 	passwdvar = *my_argv++;
 	passwdfd  = (int *)*my_argv++;
     }
-    g_debug("pipespawnv: stdoutfd is %d", *stdoutfd);
     memset(inpipe, -1, SIZEOF(inpipe));
     memset(outpipe, -1, SIZEOF(outpipe));
     memset(errpipe, -1, SIZEOF(errpipe));
     memset(passwdpipe, -1, SIZEOF(passwdpipe));
-    argc = 0;
 
     cmdline = stralloc(prog);
     for(arg = my_argv; *arg != NULL; arg++) {
 	if (*arg != skip_argument) {
-	    argc++;
 	    quoted = quote_string(*arg);
 	    cmdline = vstrextend(&cmdline, " ", quoted, NULL);
 	    amfree(quoted);
@@ -175,6 +171,7 @@ pipespawnv_passwd(
 	}
 	break;
     case 0:		/* child process */
+	debug_dup_stderr_to_debug();
 	if ((pipedef & STDIN_PIPE) != 0) {
 	    aclose(inpipe[1]);		/* close output side of pipe */
 	} else {
@@ -198,15 +195,18 @@ pipespawnv_passwd(
 	 * Shift the pipes to the standard file descriptors as requested.
 	 */
 	if(dup2(inpipe[0], 0) == -1) {
-	    error(_("error [spawn %s: dup2 in: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 in: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 	if(dup2(outpipe[1], 1) == -1) {
-	    error(_("error [spawn %s: dup2 out: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 out: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 	if(dup2(errpipe[1], 2) == -1) {
-	    error(_("error [spawn %s: dup2 err: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 err: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 
@@ -231,8 +231,16 @@ pipespawnv_passwd(
 	    safe_fd(-1, 0);
 	}
 
-	if (need_root)
+	if (need_root) {
 	    become_root();
+	} else {
+	    /* if our real userid is zero, the child shouldn't inherit
+	     * that, so drop privs permanently */
+	    if (getuid() == 0 && !set_root_privs(-1)) {
+		error(_("could not drop root privileges"));
+	    }
+	}
+
 	execve(prog, my_argv, env);
 	e = strerror(errno);
 	error(_("error [exec %s: %s]"), prog, e);