if(getuid() == 0) {
if(initgroups(pwd->pw_name, pwd->pw_gid)) {
flog(LOG_ERR, "could not init group list for %s: %s", pwd->pw_name, strerror(errno));
if(getuid() == 0) {
if(initgroups(pwd->pw_name, pwd->pw_gid)) {
flog(LOG_ERR, "could not init group list for %s: %s", pwd->pw_name, strerror(errno));
flog(LOG_ERR, "could not change to home directory for %s: %s", pwd->pw_name, strerror(errno));
exit(1);
}
flog(LOG_ERR, "could not change to home directory for %s: %s", pwd->pw_name, strerror(errno));
exit(1);
}
putenv(sprintf2("HOME=%s", pwd->pw_dir));
putenv(sprintf2("SHELL=%s", pwd->pw_shell));
putenv(sprintf2("USER=%s", pwd->pw_name));
putenv(sprintf2("HOME=%s", pwd->pw_dir));
putenv(sprintf2("SHELL=%s", pwd->pw_shell));
putenv(sprintf2("USER=%s", pwd->pw_name));
/* There's whole load of other stuff one could want to do here --
* getting Kerberos credentials, running PAM session modules, and
* who knows what. I'll add them along as I find them useful. */
/* There's whole load of other stuff one could want to do here --
* getting Kerberos credentials, running PAM session modules, and
* who knows what. I'll add them along as I find them useful. */
- if(((fd = open(".ashd/output", O_APPEND)) >= 0) ||
- ((fd = open("/dev/null", 0)) >= 0)) {
+ if(((fd = open(".ashd/output", O_WRONLY | O_APPEND)) >= 0) ||
+ ((fd = open("/dev/null", O_WRONLY)) >= 0)) {
- if(((fd = open(".ashd/error", O_APPEND)) >= 0) ||
- ((fd = open("/dev/null", 0)) >= 0)) {
+ if(((fd = open(".ashd/error", O_WRONLY | O_APPEND)) >= 0) ||
+ ((fd = open("/dev/null", O_WRONLY)) >= 0)) {
/* XXX: There should be a way for the child to report errors (like
* 404 when htpub doesn't exist), but for now I don't bother with
/* XXX: There should be a way for the child to report errors (like
* 404 when htpub doesn't exist), but for now I don't bother with
if(usr->fd < 0)
usr->fd = forkchild(usr->name);
if(sendreq(usr->fd, req, fd)) {
if(usr->fd < 0)
usr->fd = forkchild(usr->name);
if(sendreq(usr->fd, req, fd)) {
case 'm':
if((minuid = atoi(optarg)) < 1) {
fprintf(stderr, "userplex: argument to -m must be greater than 0\n");
case 'm':
if((minuid = atoi(optarg)) < 1) {
fprintf(stderr, "userplex: argument to -m must be greater than 0\n");