Zsh Mailing List Archive
Messages sorted by:
Reverse Date,
Date,
Thread,
Author
Re: [PATCH] Silence compilation warnings about setuid, setgid
- X-seq: zsh-workers 43008
- From: Peter Stephenson <p.stephenson@xxxxxxxxxxx>
- To: Zsh hackers list <zsh-workers@xxxxxxx>
- Subject: Re: [PATCH] Silence compilation warnings about setuid, setgid
- Date: Thu, 14 Jun 2018 09:41:23 +0100
- Cms-type: 201P
- Dkim-filter: OpenDKIM Filter v2.11.0 mailout2.w1.samsung.com 20180614084130euoutp021b84a94ea9ea8b875a3e6c964cf73c04~3_jHqrE1h0506205062euoutp02W
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1528965690; bh=LGG4BglQbfsfm5JX3Drx9x30smmaDIfKLJyvQFm2kA4=; h=Date:From:To:Subject:In-Reply-To:References:From; b=fMj25azDgVPoy0Wta76WLjQjGqZ3cIwvrbwLKMs0yXJuF8rxwiXcWHFDKJRBDMoP7 XCkwj1YVS/Xq80+OQBWRn5tXO4i97KiItFVkrRBNuLxxZqHY3mGWalY8JIdTyji3BY ASKfbauLjQLgbBrcjC2oy672lFmURMDpkh4H6dCk=
- In-reply-to: <25A87D83-CBB6-446E-9008-DA413639AC7D@dana.is>
- List-help: <mailto:zsh-workers-help@zsh.org>
- List-id: Zsh Workers List <zsh-workers.zsh.org>
- List-post: <mailto:zsh-workers@zsh.org>
- List-unsubscribe: <mailto:zsh-workers-unsubscribe@zsh.org>
- Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
- Organization: SCSC
- References: <CAKc7PVBWHsOhpC7mZcL4DA0ih=3yJF-HYe+We=r0q1oXA_s38g@mail.gmail.com> <CGME20180613115039epcas5p3f7e70bdce12919686a5dec9895782138@epcas5p3.samsung.com> <CAF6rxgmVA5KtcRoaVZi5P=6OtQdLPzHJowbBm+eyp0Zjea19Sg@mail.gmail.com> <20180613131021eucas1p263704fa9832375e6a49cf7f2077606dc~3ukj6hhqT1702017020eucas1p2W@eucas1p2.samsung.com> <CAH+w=7Z5hNeLpoUkGDMnuk3PRF3BX7+z=EdHQHTVtj1pgasrAA@mail.gmail.com> <CAF6rxg=Y1BSfoQLMgyLj4ahJcRp36AN8n2=hwFgxqQ4h0VkAYw@mail.gmail.com> <20180613171924eucas1p1ffdbcc9252255b19e36788fd06a7f582~3x_Aqkahf0839108391eucas1p1U@eucas1p1.samsung.com> <25A87D83-CBB6-446E-9008-DA413639AC7D@dana.is>
On Wed, 13 Jun 2018 13:41:25 -0500
dana <dana@xxxxxxx> wrote:
> On 13 Jun 2018, at 12:19, Peter Stephenson <p.stephenson@xxxxxxxxxxx>
> wrote:
> >+ (void)setgid(getgid());
>
> Casting to void doesn't actually silence this warning with (at least
> some versions of) GCC/glibc. If the function has the
> warn_unused_result attribute, you have to (a) disable the warning
> entirely, (b) actually use the result somehow, or (c) use some hack
> like this:
> http://git.savannah.gnu.org/cgit/gnulib.git/tree/lib/ignore-value.h
Something like the following therefore ought to work generally.
Disabling an explicit cast to void is pretty broken behaviour, so I'm
gradually losing interest if for some reason this doesn't work.
pws
diff --git a/Src/options.c b/Src/options.c
index 590652e..600b649 100644
--- a/Src/options.c
+++ b/Src/options.c
@@ -769,15 +769,32 @@ dosetopt(int optno, int value, int force, char *new_opts)
} else if(optno == PRIVILEGED && !value) {
/* unsetting PRIVILEGED causes the shell to make itself unprivileged */
#ifdef HAVE_SETUID
- setuid(getuid());
- setgid(getgid());
- if (setuid(getuid())) {
- zwarn("failed to change user ID: %e", errno);
- return -1;
- } else if (setgid(getgid())) {
+ int ignore_err;
+ errno = 0;
+ /*
+ * Set the GID first as if we set the UID to non-privileged it
+ * might be impossible to restore the GID.
+ *
+ * Some OSes (possibly no longer around) have been known to
+ * fail silently the first time, so we attempt the change twice.
+ * If it fails we are guaranteed to pick this up the second
+ * time, so ignore the first time.
+ *
+ * Some versions of gcc make it hard to ignore the results the
+ * first time, hence the following. (These are probably not
+ * systems that require the doubled calls.)
+ */
+ ignore_err = setgid(getgid());
+ (void)ignore_err;
+ ignore_err = setuid(getuid());
+ (void)ignore_err;
+ if (setgid(getgid())) {
zwarn("failed to change group ID: %e", errno);
return -1;
- }
+ } else if (setuid(getuid())) {
+ zwarn("failed to change user ID: %e", errno);
+ return -1;
+ }
#else
zwarn("setuid not available");
return -1;
Messages sorted by:
Reverse Date,
Date,
Thread,
Author