summaryrefslogtreecommitdiff
path: root/modules/pam_env/pam_env.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_env/pam_env.c')
-rw-r--r--modules/pam_env/pam_env.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index 3a9eebea..8ac8ed33 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -23,7 +23,6 @@
#include <string.h>
#include <syslog.h>
#include <sys/stat.h>
-#include <sys/fsuid.h>
#include <sys/types.h>
#include <unistd.h>
@@ -791,9 +790,15 @@ handle_env (pam_handle_t *pamh, int argc, const char **argv)
return PAM_BUF_ERR;
}
if (stat(envpath, &statbuf) == 0) {
- uid_t fsuid = setfsuid(user_entry->pw_uid);
- retval = _parse_config_file(pamh, envpath);
- setfsuid(fsuid);
+ PAM_MODUTIL_DEF_PRIVS(privs);
+
+ if (pam_modutil_drop_priv(pamh, &privs, user_entry)) {
+ retval = PAM_SESSION_ERR;
+ } else {
+ retval = _parse_config_file(pamh, envpath);
+ if (pam_modutil_regain_priv(pamh, &privs))
+ retval = PAM_SESSION_ERR;
+ }
if (retval == PAM_IGNORE)
retval = PAM_SUCCESS;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 02:10:49 +0000