Mercurial Mercurial > upstream > illumos > illumos-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
usr/src/cmd/su/su.c
changeset 11537 8eca52188202
parent 8255 be9698108973
child 12969 9d6fa5bd011f
equal deleted inserted replaced
11536:4c36e6a8710f 11537:8eca52188202 
    17  * information: Portions Copyright [yyyy] [name of copyright owner]
 
    17  * information: Portions Copyright [yyyy] [name of copyright owner]
 
    18  *
 
    18  *
 
    19  * CDDL HEADER END
 
    19  * CDDL HEADER END
 
    20  */
 
    20  */
 
    21 /*
 
    21 /*
 
    22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 
    22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 
    23  * Use is subject to license terms.
 
    23  * Use is subject to license terms.
 
    24  */
 
    24  */
 
    25 
    25 
    26 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
 
    26 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
 
    27 /*	  All Rights Reserved	*/
 
    27 /*	  All Rights Reserved	*/
 
   862 		    "adt_alloc_event(ADT_su_logout): %m");
 
   862 		    "adt_alloc_event(ADT_su_logout): %m");
 
   863 		return;
 
   863 		return;
 
   864 	}
 
   864 	}
 
   865 	if ((priv = priv_allocset())  == NULL) {
 
   865 	if ((priv = priv_allocset())  == NULL) {
 
   866 		syslog(LOG_AUTH | LOG_ALERT,
 
   866 		syslog(LOG_AUTH | LOG_ALERT,
 
   867 		    "su audit_logout: could not alloc privs: %m");
 
   867 		    "su audit_logout: could not alloc basic privs: %m");
 
   868 		adt_free_event(event);
 
   868 		adt_free_event(event);
 
   869 		return;
 
   869 		return;
 
   870 	}
 
   870 	}
 
   871 
   871 
   872 	/*
 
   872 	/*
 
   905 		    "su audit_logout: could not chdir /: %m");
 
   905 		    "su audit_logout: could not chdir /: %m");
 
   906 	}
 
   906 	}
 
   907 	/*
 
   907 	/*
 
   908 	 * Reduce privileges to just those needed.
 
   908 	 * Reduce privileges to just those needed.
 
   909 	 */
 
   909 	 */
 
   910 	priv_emptyset(priv);
 
   910 	priv_basicset(priv);
 
       
   911 	(void) priv_delset(priv, PRIV_PROC_EXEC);
 
       
   912 	(void) priv_delset(priv, PRIV_PROC_FORK);
 
       
   913 	(void) priv_delset(priv, PRIV_PROC_INFO);
 
       
   914 	(void) priv_delset(priv, PRIV_PROC_SESSION);
 
       
   915 	(void) priv_delset(priv, PRIV_FILE_LINK_ANY);
 
   911 	if ((priv_addset(priv, PRIV_PROC_AUDIT) != 0) ||
 
   916 	if ((priv_addset(priv, PRIV_PROC_AUDIT) != 0) ||
 
   912 	    (setppriv(PRIV_SET, PRIV_PERMITTED, priv) != 0)) {
 
   917 	    (setppriv(PRIV_SET, PRIV_PERMITTED, priv) != 0)) {
 
   913 		syslog(LOG_AUTH | LOG_ALERT,
 
   918 		syslog(LOG_AUTH | LOG_ALERT,
 
   914 		    "su audit_logout: could not reduce privs: %m");
 
   919 		    "su audit_logout: could not reduce privs: %m");
 
   915 	}
 
   920 	}
upstream/illumos/illumos-gate