- if (fstat(fileno(hostf), &sbuf) ||
- sbuf.st_uid && sbuf.st_uid != pwd->pw_uid ||
- sbuf.st_mode&022) {
- fclose(hostf);
- return(-1);
+ uid = geteuid();
+ (void)seteuid(pwd->pw_uid);
+ hostf = fopen(pbuf, "r");
+ (void)seteuid(uid);
+
+ if (hostf == NULL)
+ return (-1);
+ /*
+ * If not a regular file, or is owned by someone other than
+ * user or root or if writeable by anyone but the owner, quit.
+ */
+ if (lstat(pbuf, &sbuf) < 0)
+ __rcmd_errstr = ".rhosts lstat failed";
+ else if ((sbuf.st_mode & S_IFMT) != S_IFREG)
+ __rcmd_errstr = ".rhosts not regular file";
+ else if (fstat(fileno(hostf), &sbuf) < 0)
+ __rcmd_errstr = ".rhosts fstat failed";
+ else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
+ __rcmd_errstr = "bad .rhosts owner";
+ else if (sbuf.st_mode & 022)
+ __rcmd_errstr = "bad .rhosts permissions";
+ /* If there were any problems, quit. */
+ if (__rcmd_errstr) {
+ (void)fclose(hostf);
+ return (-1);