write: fix setuid related regression
The write(1) is commonly a setuid binary, because common users cannot by
default write to each others terminals. Since the commit in reference, that
is part of releases v2.24 to v2.28, the write(1) has used access(2) to check
capability to write to a destination terminal. The catch is that access(2)
uses real UID and GID to when performing the accessibility. The obvious
correction is to avoid access(2) when in context of setuid binaries.
As a smaller fix, but equally important fix, ensure the 'msgsok' variable is
initialized to indicate no access. Uninitialized variable will almost
certainly do wrong thing at the time of check.
Breaking-commit:
0233a8ea18bec17dd59cfe1fec8281
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Wayne Pollock <profwaynepollock@gmail.com>
projects / thirdparty / util-linux.git / commit
