diff options
| author | Daniel Shahaf <d.s@daniel.shahaf.name> | 2016-12-02 12:08:26 +0000 |
|---|---|---|
| committer | Daniel Shahaf <d.s@daniel.shahaf.name> | 2016-12-03 10:00:08 +0000 |
| commit | 334ed65e2765062a449897d70925255929eae8a8 (patch) | |
| tree | 3cbd5c8bd1c3ddaa4572d18d72bae33a2c2af756 | |
| parent | fd2ca229ddfc913f14f3b4b27fe8dcb25a5bba1d (diff) | |
| download | zsh-334ed65e2765062a449897d70925255929eae8a8.tar.gz zsh-334ed65e2765062a449897d70925255929eae8a8.tar.xz zsh-334ed65e2765062a449897d70925255929eae8a8.zip | |
40068: Abort execution when setuid/setgid fail.
The incumbent code would print an error message and continue execution
with the previous uid/gid values, not even setting lastval:
% UID=42 id -u; echo $?
zsh: failed to change user ID: operation not permitted
1000
0
%
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | Src/params.c | 8 | ||||
| -rw-r--r-- | Test/B02typeset.ztst | 10 |
3 files changed, 17 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog index 20574d17e..eb29a06cb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2016-12-03 Daniel Shahaf <d.s@daniel.shahaf.name> + * 40068: Src/params.c, Test/B02typeset.ztst: Abort execution + when setuid/setgid fail. + * 40067: Src/Zle/comp.h, Src/Zle/complete.c, Src/params.c: internal: Document 'cmatcher', parse_cmatcher(), 'comptoend', unsetparam_pm(), and getindex(). diff --git a/Src/params.c b/Src/params.c index 21a910190..c64d7486b 100644 --- a/Src/params.c +++ b/Src/params.c @@ -4077,7 +4077,7 @@ uidsetfn(UNUSED(Param pm), zlong x) { #ifdef HAVE_SETUID if (setuid((uid_t)x)) - zwarn("failed to change user ID: %e", errno); + zerr("failed to change user ID: %e", errno); #endif } @@ -4098,7 +4098,7 @@ euidsetfn(UNUSED(Param pm), zlong x) { #ifdef HAVE_SETEUID if (seteuid((uid_t)x)) - zwarn("failed to change effective user ID: %e", errno); + zerr("failed to change effective user ID: %e", errno); #endif } @@ -4119,7 +4119,7 @@ gidsetfn(UNUSED(Param pm), zlong x) { #ifdef HAVE_SETUID if (setgid((gid_t)x)) - zwarn("failed to change group ID: %e", errno); + zerr("failed to change group ID: %e", errno); #endif } @@ -4140,7 +4140,7 @@ egidsetfn(UNUSED(Param pm), zlong x) { #ifdef HAVE_SETEUID if (setegid((gid_t)x)) - zwarn("failed to change effective group ID: %e", errno); + zerr("failed to change effective group ID: %e", errno); #endif } diff --git a/Test/B02typeset.ztst b/Test/B02typeset.ztst index 6d85a63fe..9c56c7e5e 100644 --- a/Test/B02typeset.ztst +++ b/Test/B02typeset.ztst @@ -711,3 +711,13 @@ typeset isreadonly=still 1:typeset returns status 1 if setting readonly variable ?(eval):2: read-only variable: isreadonly + + if (( UID )); then + UID=$((UID+1)) date; echo "Status is printed, $?" + else + ZTST_skip="cannot test setuid error when tests run as superuser" + fi +0:when cannot change UID, the command isn't run +# 'date' did not run. +>Status is printed, 1 +?(eval):2: failed to change user ID: operation not permitted |