home *** CD-ROM | disk | FTP | other *** search
/ Source Code 1992 March / Source_Code_CD-ROM_Walnut_Creek_March_1992.iso / usenet / compsrcs / misc / volume05 / secure.pc1 < prev    next >
Encoding:
Internet Message Format  |  1991-08-27  |  1.2 KB
  1. From decwrl!ucbvax!pasteur!ames!xanth!nic.MR.NET!hal!ncoast!allbery Thu Dec 29 19:06:54 PST 1988
  2. Article 771 of comp.sources.misc:
  3. Path: granite!decwrl!ucbvax!pasteur!ames!xanth!nic.MR.NET!hal!ncoast!allbery
  4. From: dg@lakart.UUCP (David Goodenough)
  5. Newsgroups: comp.sources.misc
  6. Subject: v05i095: Secure patch1 -- official fix for the big hole
  7. Message-ID: <8812201433.AA07627@lakart.UUCP>
  8. Date: 29 Dec 88 01:49:14 GMT
  9. Sender: allbery@ncoast.UUCP
  10. Reply-To: dg@lakart.UUCP (David Goodenough)
  11. Lines: 23
  12. Approved: allbery@ncoast.UUCP
  13.  
  14. Posting-number: Volume 5, Issue 95
  15. Submitted-by: "David Goodenough" <dg@lakart.UUCP>
  16. Archive-name: secure.patch1
  17.  
  18. [This was received as part of a mail message containing discussion about
  19. the "secure" program; it not being my habit to broadcast private mail, I've
  20. trimmed the rest.  However, the "patch" below is NOT a diff and must be
  21. applied by hand.  If you haven't already done it yourself.  ++bsa]
  22.  
  23. [P.S.  Another approach will be posted soon.  ++bsa]
  24.  
  25. OK - changing the following three lines:
  26.  
  27. <    strcpy(program, a[0]);
  28. <    a[0] = "SEC-URE";
  29. <    execv(program, a);    /* re exec ourselves so setuid bits work */
  30.  
  31. to
  32.  
  33. >    a[0] = "SEC-URE"
  34. >    execv("/bin/secure", a);
  35.  
  36. and the problem goes away.
  37.  
  38.  
  39.