version 1.7, 2002/09/16 13:27:40
|
version 1.8, 2002/09/19 02:02:59
|
Line 16
|
Line 16
|
use strict; |
use strict; |
my $noprint = 1; |
my $noprint = 1; |
|
|
|
|
|
|
|
print "In pwchange\n" unless $noprint; |
|
print "Real uid = $< effective uid = $> \n" unless $noprint; |
# ------------------------------------------------------------------ Untainting |
# ------------------------------------------------------------------ Untainting |
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
|
|
# ---------------------------- Make sure this process is running from user=root |
# ---------------------------- Make sure this process is running from user=root |
my $wwwid=getpwnam('www'); |
|
if (0!=$<) { |
if (0 != $<) { |
print "Username not www" unless $noprint; |
print "Username not root" unless $noprint; |
exit 1; |
exit 1; |
} |
} |
# ----------------------------------------------- If not running setuid as root |
# ----------------------------------------------- If not running setuid as root |