diff options
author | Nick Kralevich <nnk@google.com> | 2012-04-02 13:29:35 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2012-04-02 13:29:35 -0700 |
commit | 17928c8ab5e696517cd03969364f7288ab5b911c (patch) | |
tree | b5e9876921c8be98b363635023ca350bcb028093 /su | |
parent | 2e5c52322d54d0f98d36b499fcaa31a0e84ca87c (diff) | |
download | extras-17928c8ab5e696517cd03969364f7288ab5b911c.tar.gz |
su: do uid check earlier.
Change-Id: Ied4894019d2b0021e7f727569ff85650d209e5da
Diffstat (limited to 'su')
-rw-r--r-- | su/su.c | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -44,6 +44,13 @@ int main(int argc, char **argv) struct passwd *pw; int uid, gid, myuid; + /* Until we have something better, only root and the shell can use su. */ + myuid = getuid(); + if (myuid != AID_ROOT && myuid != AID_SHELL) { + fprintf(stderr,"su: uid %d not allowed to su\n", myuid); + return 1; + } + if(argc < 2) { uid = gid = 0; } else { @@ -57,13 +64,6 @@ int main(int argc, char **argv) } } - /* Until we have something better, only root and the shell can use su. */ - myuid = getuid(); - if (myuid != AID_ROOT && myuid != AID_SHELL) { - fprintf(stderr,"su: uid %d not allowed to su\n", myuid); - return 1; - } - if(setgid(gid) || setuid(uid)) { fprintf(stderr,"su: permission denied\n"); return 1; |