From f3c11fde79558deea770d952c3ec8626cb4e5040 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Groenvall?= <bg@sics.se>
Date: Fri, 9 Jun 2000 09:59:47 +0000
Subject: [PATCH] Not all systems implement setuid(2) the way you expect.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8362 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 appl/xnlock/xnlock.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/appl/xnlock/xnlock.c b/appl/xnlock/xnlock.c
index 60d2dfe14..35874279c 100644
--- a/appl/xnlock/xnlock.c
+++ b/appl/xnlock/xnlock.c
@@ -954,14 +954,19 @@ main (int argc, char **argv)
      */
     {
       struct passwd *pw;
+      uid_t uid = getuid();
       if (!(pw = k_getpwuid(0)))
 	errx (1, "can't get root's passwd!");
       strlcpy(root_cpass, pw->pw_passwd, sizeof(root_cpass));
 
-      if (!(pw = k_getpwuid(getuid())))
+      if (!(pw = k_getpwuid(uid)))
 	errx (1, "Can't get your password entry!");
       strlcpy(user_cpass, pw->pw_passwd, sizeof(user_cpass));
-      setuid(getuid());
+      setuid(uid);
+      if (uid != 0 && setuid(0) != -1) {
+	fprintf(stderr, "Failed to drop privileges!");
+	exit(1);
+      }
       /* Now we're no longer running setuid root. */
       strlcpy(login, pw->pw_name, sizeof(login));
     }