From a199d23dfa0d5967d574883967adce7d2f0fd548 Mon Sep 17 00:00:00 2001
From: tg <tg@mirbsd.org>
Date: Fri, 10 Nov 2006 06:27:09 +0000
Subject: [PATCH] use setresuid(2) and friends instead, saves 88t 4d 1i XXX
 revisit this if we encounter systems without at least XXX one of setresuid,
 setresgid, setgroups - only tested on BSD

---
 main.c | 11 +++--------
 misc.c | 11 ++++++-----
 sh.h   |  5 +----
 3 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/main.c b/main.c
index c9d06e3..a86db97 100644
--- a/main.c
+++ b/main.c
@@ -13,7 +13,7 @@
 #include <locale.h>
 #endif
 
-__RCSID("$MirOS: src/bin/mksh/main.c,v 1.56 2006/11/10 05:27:43 tg Exp $");
+__RCSID("$MirOS: src/bin/mksh/main.c,v 1.57 2006/11/10 06:27:09 tg Exp $");
 
 extern char **environ;
 
@@ -224,12 +224,7 @@ main(int argc, char *argv[])
 			;
 	}
 
-	ksheuid = geteuid();
-	kshuid = getuid();
-	kshegid = getegid();
-	kshgid = getgid();
-
-	safe_prompt = ksheuid ? "$ " : "# ";
+	safe_prompt = (ksheuid = geteuid()) ? "$ " : "# ";
 	vp = global("PS1");
 	/* Set PS1 if unset or we are root and prompt doesn't contain a # */
 	if (!(vp->flag & ISSET) ||
@@ -238,7 +233,7 @@ main(int argc, char *argv[])
 		setstr(vp, safe_prompt, KSH_RETURN_ERROR);
 
 	/* Set this before parsing arguments */
-	Flag(FPRIVILEGED) = kshuid != ksheuid || kshgid != kshegid;
+	Flag(FPRIVILEGED) = getuid() != ksheuid || getgid() != getegid();
 
 	/* this to note if monitor is set on command line (see below) */
 	Flag(FMONITOR) = 127;
diff --git a/misc.c b/misc.c
index d0ffef1..c76b810 100644
--- a/misc.c
+++ b/misc.c
@@ -3,7 +3,7 @@
 
 #include "sh.h"
 
-__RCSID("$MirOS: src/bin/mksh/misc.c,v 1.34 2006/11/10 05:21:38 tg Exp $\t"
+__RCSID("$MirOS: src/bin/mksh/misc.c,v 1.35 2006/11/10 06:27:09 tg Exp $\t"
 	MKSH_SH_H_ID);
 
 #undef USE_CHVT
@@ -239,10 +239,11 @@ change_flag(enum sh_flag f,
 		Flag(f) = newval;
 	} else if (f == FPRIVILEGED && oldval && !newval) {
 		/* Turning off -p? */
-		seteuid(ksheuid = kshuid = getuid());
-		setuid(ksheuid);
-		setegid(kshegid = kshgid = getgid());
-		setgid(kshegid);
+		gid_t kshegid = getgid();
+
+		setresgid(kshegid, kshegid, kshegid);
+		setgroups(1, &kshegid);
+		setresuid(ksheuid, ksheuid, ksheuid);
 	} else if (f == FPOSIX && newval) {
 		Flag(FBRACEEXPAND) = 0;
 	}
diff --git a/sh.h b/sh.h
index 139eac7..1d5d349 100644
--- a/sh.h
+++ b/sh.h
@@ -8,7 +8,7 @@
 /*	$OpenBSD: c_test.h,v 1.4 2004/12/20 11:34:26 otto Exp $	*/
 /*	$OpenBSD: tty.h,v 1.5 2004/12/20 11:34:26 otto Exp $	*/
 
-#define MKSH_SH_H_ID "$MirOS: src/bin/mksh/sh.h,v 1.75 2006/11/10 06:16:25 tg Exp $"
+#define MKSH_SH_H_ID "$MirOS: src/bin/mksh/sh.h,v 1.76 2006/11/10 06:27:09 tg Exp $"
 #define MKSH_VERSION "R29 2006/11/10"
 
 #if HAVE_SYS_PARAM_H
@@ -162,9 +162,6 @@ EXTERN	char *kshname;		/* $0 */
 EXTERN	pid_t kshpid;		/* $$, shell pid */
 EXTERN	pid_t procpid;		/* pid of executing process */
 EXTERN	uid_t ksheuid;		/* effective uid of shell */
-EXTERN	uid_t kshuid;		/* real uid of shell */
-EXTERN	gid_t kshegid;		/* effective gid of shell */
-EXTERN	gid_t kshgid;		/* real gid of shell */
 EXTERN	int exstat;		/* exit status */
 EXTERN	int subst_exstat;	/* exit status of last $(..)/`..` */
 EXTERN	const char *safe_prompt; /* safe prompt if PS1 substitution fails */