--- rxvt-unicode/src/ptytty.C 2006/01/21 18:15:26 1.53 +++ rxvt-unicode/src/ptytty.C 2006/01/22 04:01:52 1.56 @@ -1,4 +1,7 @@ -/*--------------------------------*-C-*---------------------------------* +// This file is part of libptytty. Do not make local modifications. +// http://software.schmorp.de/pkg/libptytty + +/*----------------------------------------------------------------------* * File: ptytty.C *----------------------------------------------------------------------* * @@ -21,8 +24,9 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. *---------------------------------------------------------------------*/ -#include "../config.h" /* NECESSARY */ -#include "rxvt.h" +#include "../config.h" + +#include "ptytty.h" #include #include @@ -54,10 +58,6 @@ #include -#include "rxvtutil.h" -#include "fdpass.h" -#include "ptytty.h" - ///////////////////////////////////////////////////////////////////////////// /* ------------------------------------------------------------------------- * @@ -236,7 +236,7 @@ int fd = open ("/dev/tty", O_WRONLY); if (fd < 0) - return -1; /* fatal */ + return -1; /* fatal */ close (fd); @@ -244,7 +244,7 @@ } void -rxvt_ptytty::close_tty () +ptytty::close_tty () { if (tty < 0) return; @@ -254,13 +254,13 @@ } bool -rxvt_ptytty::make_controlling_tty () +ptytty::make_controlling_tty () { return control_tty (tty) >= 0; } void -rxvt_ptytty::set_utf8_mode (bool on) +ptytty::set_utf8_mode (bool on) { #ifdef IUTF8 if (pty < 0) @@ -309,7 +309,7 @@ } } ttyconf; -rxvt_ptytty_unix::rxvt_ptytty_unix () +ptytty_unix::ptytty_unix () { name = 0; #if UTMP_SUPPORT @@ -317,7 +317,7 @@ #endif } -rxvt_ptytty_unix::~rxvt_ptytty_unix () +ptytty_unix::~ptytty_unix () { #if UTMP_SUPPORT logout (); @@ -326,7 +326,7 @@ } void -rxvt_ptytty_unix::put () +ptytty_unix::put () { chmod (name, RESTORE_TTY_MODE); chown (name, 0, ttyconf.gid); 
@@ -343,7 +343,7 @@ } bool -rxvt_ptytty_unix::get () +ptytty_unix::get () { /* get master (pty) */ if ((pty = get_pty (&tty, &name)) < 0) @@ -374,32 +374,37 @@ #if PTYTTY_HELPER -static int sock_fd; -static int pid; +static int sock_fd = -1; +static int helper_pid, owner_pid; struct command { enum { get, login, destroy } type; - rxvt_ptytty *id; + ptytty *id; bool login_shell; int cmd_pid; char hostname[512]; // arbitrary, but should be plenty }; -struct rxvt_ptytty_proxy : zero_initialized, rxvt_ptytty +struct ptytty_proxy : ptytty { - rxvt_ptytty *id; + ptytty *id; + + ptytty_proxy () + : id(0) + { + } - ~rxvt_ptytty_proxy (); + ~ptytty_proxy (); bool get (); void login (int cmd_pid, bool login_shell, const char *hostname); }; bool -rxvt_ptytty_proxy::get () +ptytty_proxy::get () { command cmd; @@ -408,20 +413,20 @@ write (sock_fd, &cmd, sizeof (cmd)); if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) - rxvt_fatal ("protocol error while creating pty using helper process, aborting.\n"); + ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); if (!id) return false; - if ((pty = rxvt_recv_fd (sock_fd)) < 0 - || (tty = rxvt_recv_fd (sock_fd)) < 0) - rxvt_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); + if ((pty = recv_fd (sock_fd)) < 0 + || (tty = recv_fd (sock_fd)) < 0) + ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); return true; } void -rxvt_ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) +ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) { command cmd; 
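Review bot: `struct command` in the -374 hunk is the message format that crosses from the unprivileged client to the helper, but nothing on the struct says so. Because `ptytty::init ()` calls `use_helper ()` before `drop_privileges ()`, the helper presumably keeps the setuid/setgid privileges, which makes `id`, `cmd_pid` and `hostname` untrusted input on the receiving side. I would add a comment above the struct such as `// wire format, client -> privileged helper: the helper must look up id and NUL-terminate hostname before use`. The code that fills `hostname` in `ptytty_proxy::login ()` falls between hunks and is not visible, so its truncation behaviour should be confirmed.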
@@ -434,36 +439,39 @@ write (sock_fd, &cmd, sizeof (cmd)); } -rxvt_ptytty_proxy::~rxvt_ptytty_proxy () +ptytty_proxy::~ptytty_proxy () { - command cmd; + if (id) + { + command cmd; - cmd.type = command::destroy; - cmd.id = id; + cmd.type = command::destroy; + cmd.id = id; - write (sock_fd, &cmd, sizeof (cmd)); + write (sock_fd, &cmd, sizeof (cmd)); + } } static void serve () { command cmd; - vector ptys; + vector ptys; while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) { if (cmd.type == command::get) { // -> id ptyfd ttyfd - cmd.id = new rxvt_ptytty_unix; + cmd.id = new ptytty_unix; if (cmd.id->get ()) { write (sock_fd, &cmd.id, sizeof (cmd.id)); ptys.push_back (cmd.id); - rxvt_send_fd (sock_fd, cmd.id->pty); - rxvt_send_fd (sock_fd, cmd.id->tty); + ptytty::send_fd (sock_fd, cmd.id->pty); + ptytty::send_fd (sock_fd, cmd.id->tty); } else { @@ -484,9 +492,9 @@ } else if (cmd.type == command::destroy) { - rxvt_ptytty **pty = find (ptys.begin (), ptys.end (), cmd.id); + vector::iterator pty = find (ptys.begin (), ptys.end (), cmd.id); - if (pty) + if (pty != ptys.end ()) { delete *pty; ptys.erase (pty); 
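Review bot: The new guard in `ptytty_proxy::~ptytty_proxy ()` tests only `id`, while `ptytty::create ()` also requires `getpid () == owner_pid` before it uses the helper connection. A process forked from the owner inherits both `sock_fd` and any live proxy objects, so a destructor running there would send `command::destroy` for a pty the owner still uses; whether children ever run these destructors is not visible in this diff. Consider `if (id && getpid () == owner_pid)`. The result of `write ()` is also discarded here and in the `command::get` branch of `serve ()`, so a failed request goes unnoticed on the sending side.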
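Review bot: The `command::login` branch of `serve ()` lies between this hunk and the previous one and is not shown, so it is unclear whether it received the same lookup fix as `command::destroy`. If it still tests the result of `find ()` for truth instead of comparing it with `ptys.end ()`, or dereferences `cmd.id` directly, the helper would act on a pointer value supplied by the client. The check to mirror there is `if (find (ptys.begin (), ptys.end (), cmd.id) != ptys.end ())`.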
@@ -497,25 +505,33 @@ } // destroy all ptys - for (rxvt_ptytty **i = ptys.end (); i-- > ptys.begin (); ) + for (vector::iterator i = ptys.end (); i-- > ptys.begin (); ) delete *i; } -void rxvt_ptytty_server () +void +ptytty::use_helper () { + int pid = getpid (); + + if (sock_fd >= 0 && pid == owner_pid) + return; + + owner_pid = pid; + int sv[2]; if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) - rxvt_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); + ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); - pid = fork (); + helper_pid = fork (); - if (pid < 0) - rxvt_fatal ("could not create pty/sessiondb helper process, aborting.\n"); + if (helper_pid < 0) + ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); - if (pid) + if (helper_pid) { - // client, urxvt + // client, process sock_fd = sv[0]; close (sv[1]); fcntl (sock_fd, F_SETFD, FD_CLOEXEC); @@ -525,6 +541,8 @@ // server, pty-helper sock_fd = sv[1]; + chdir ("/"); + for (int fd = 0; fd < 1023; fd++) if (fd != sock_fd) close (fd); 
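Review bot: When `use_helper ()` runs in a process other than `owner_pid` while `sock_fd >= 0`, the inherited descriptor is overwritten without being closed. That process then keeps an open connection to the previous owner's helper, and that helper's `read ()` loop cannot see end-of-file while the stale descriptor exists. Adding `if (sock_fd >= 0) close (sock_fd);` before `socketpair ()` would release it. The body of `use_helper ()` continues in the next hunk.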
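Review bot: The descriptor sweep in the helper stops at 1022, so any descriptor numbered 1023 or higher that the parent had open stays open in the helper, which is forked before privileges are dropped. Deriving the bound from the process limit avoids the hard-coded value, e.g. `long max_fd = sysconf (_SC_OPEN_MAX);` followed by `for (int fd = 0; fd < max_fd; fd++)`, with a fallback when `sysconf` returns -1. The return value of the added `chdir ("/")` is ignored as well; a failure there would leave the helper holding the caller's working directory.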
@@ -536,18 +554,59 @@ #endif -// a "factory" *g* -rxvt_ptytty * -rxvt_new_ptytty () +ptytty * +ptytty::create () { #if PTYTTY_HELPER - if (pid > 0) + if (helper_pid && getpid () == owner_pid) // use helper process - return new rxvt_ptytty_proxy; + return new ptytty_proxy; else #endif - return new rxvt_ptytty_unix; + return new ptytty_unix; } -/*----------------------- end-of-file (C source) -----------------------*/ +void +ptytty::init () +{ + uid_t uid = getuid (); + gid_t gid = getgid (); + + // before doing anything else, check for setuid/setgid operation, + // start the helper process and drop privileges + if (uid != geteuid () + || gid != getegid ()) + { +#if PTYTTY_HELPER + use_helper (); +#else + ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); +#endif + + drop_privileges (); + } +} + +void +ptytty::drop_privileges () +{ + uid_t uid = getuid (); + gid_t gid = getgid (); + + // drop privileges +#if HAVE_SETRESUID + setresgid (gid, gid, gid); + setresuid (uid, uid, uid); +#elif HAVE_SETREUID + setregid (gid, gid); + setreuid (uid, uid); +#elif HAVE_SETUID + setgid (gid); + setuid (uid); +#endif + + if (uid != geteuid () + || gid != getegid ()) + ptytty_fatal ("unable to drop privileges, aborting.\n"); +}
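Review bot: `ptytty::drop_privileges ()` discards the return values of the `set*id` calls and afterwards compares only the effective IDs. In the `HAVE_SETUID` fallback a saved set-user-ID or set-group-ID can survive `setuid ()`/`setgid ()` when the process is not root, and `geteuid ()`/`getegid ()` will not reveal that. I would fail on the call itself, e.g. `if (setresgid (gid, gid, gid) || setresuid (uid, uid, uid)) ptytty_fatal ("unable to drop privileges, aborting.\n");`, and do the same in the other two branches.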