home *** CD-ROM | disk | FTP | other *** search
/ Usenet 1994 January / usenetsourcesnewsgroupsinfomagicjanuary1994.iso / sources / misc / volume5 / secure.pch1 < prev    next >
Encoding:
Internet Message Format  |  1989-02-03  |  1.0 KB
  1. Path: xanth!nic.MR.NET!hal!ncoast!allbery
  2. From: dg@lakart.UUCP (David Goodenough)
  3. Newsgroups: comp.sources.misc
  4. Subject: v05i095: Secure patch1 -- official fix for the big hole
  5. Message-ID: <8812201433.AA07627@lakart.UUCP>
  6. Date: 29 Dec 88 01:49:14 GMT
  7. Sender: allbery@ncoast.UUCP
  8. Reply-To: dg@lakart.UUCP (David Goodenough)
  9. Lines: 23
  10. Approved: allbery@ncoast.UUCP
  11.  
  12. Posting-number: Volume 5, Issue 95
  13. Submitted-by: "David Goodenough" <dg@lakart.UUCP>
  14. Archive-name: secure.patch1
  15.  
  16. [This was received as part of a mail message containing discussion about
  17. the "secure" program; it not being my habit to broadcast private mail, I've
  18. trimmed the rest.  However, the "patch" below is NOT a diff and must be
  19. applied by hand.  If you haven't already done it yourself.  ++bsa]
  20.  
  21. [P.S.  Another approach will be posted soon.  ++bsa]
  22.  
  23. OK - changing the following three lines:
  24.  
  25. <    strcpy(program, a[0]);
  26. <    a[0] = "SEC-URE";
  27. <    execv(program, a);    /* re exec ourselves so setuid bits work */
  28.  
  29. to
  30.  
  31. >    a[0] = "SEC-URE"
  32. >    execv("/bin/secure", a);
  33.  
  34. and the problem goes away.
  35.