svn commit: r350857 - head/sbin/ping6

Alan Somers asomers at FreeBSD.org
Sun Aug 11 15:22:54 UTC 2019


Author: asomers
Date: Sun Aug 11 15:22:53 2019
New Revision: 350857
URL: https://svnweb.freebsd.org/changeset/base/350857

Log:
  ping6: Revoke root privilege earlier
  
  It can be done just after the sockets have been created.
  
  Submitted by:	Ján Sučan <sucanjan at gmail.com>
  MFC after:	2 weeks
  Sponsored by:	Google, inc. (Google Summer of Code 2019)
  Differential Revision:	https://reviews.freebsd.org/D21213

Modified:
  head/sbin/ping6/ping6.c

Modified: head/sbin/ping6/ping6.c
==============================================================================
--- head/sbin/ping6/ping6.c	Sun Aug 11 08:24:56 2019	(r350856)
+++ head/sbin/ping6/ping6.c	Sun Aug 11 15:22:53 2019	(r350857)
@@ -659,6 +659,12 @@ main(int argc, char *argv[])
 		err(1, "socket srecv");
 	freeaddrinfo(res);
 
+	/* revoke root privilege */
+	if (seteuid(getuid()) != 0)
+		err(1, "seteuid() failed");
+	if (setuid(getuid()) != 0)
+		err(1, "setuid() failed");
+
 	/* set the source address if specified. */
 	if ((options & F_SRCADDR) != 0) {
 		/* properly fill sin6_scope_id */
@@ -728,12 +734,6 @@ main(int argc, char *argv[])
 			err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)");
 #endif
 	}
-
-	/* revoke root privilege */
-	if (seteuid(getuid()) != 0)
-		err(1, "seteuid() failed");
-	if (setuid(getuid()) != 0)
-		err(1, "setuid() failed");
 
 	if ((options & F_FLOOD) && (options & F_INTERVAL))
 		errx(1, "-f and -i incompatible options");


More information about the svn-src-head mailing list