From 0a019a02b004d40d530d56c708165a3490d87d20 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Groenvall?= <bg@sics.se>
Date: Thu, 8 Aug 1996 13:28:04 +0000
Subject: [PATCH] Minor security fix.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@640 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/kafs/afssys.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/lib/kafs/afssys.c b/lib/kafs/afssys.c
index 4a1a9fb43..5b1660e1e 100644
--- a/lib/kafs/afssys.c
+++ b/lib/kafs/afssys.c
@@ -134,7 +134,20 @@ static int (*Setpag)(void);
 
 #include "dlfcn.h"
 
-int aix_setup(void)
+static
+int
+isSuid()
+{
+  int uid = getuid();
+  int gid = getgid();
+  int euid = getegid();
+  int egid = getegid();
+  return (uid != euid) || (gid != egid);
+}
+
+static
+int
+aix_setup(void)
 {
 #ifdef STATIC_AFS_SYSCALLS
     Pioctl = aix_pioctl;
@@ -142,7 +155,10 @@ int aix_setup(void)
 #else
     void *ptr;
     char path[MaxPathLen], *p;
-    if((p = getenv("AFSLIBPATH")) != NULL)
+    /*
+     * If we are root or running setuid don't trust AFSLIBPATH!
+     */
+    if (getuid() != 0 && !isSuid() && (p = getenv("AFSLIBPATH")) != NULL)
 	strcpy(path, p);
     else
 	sprintf(path, "%s/afslib.so", LIBDIR);