Synopsis: Fixed security problem in netstat
NetBSD versions: NetBSD-current from 19980603 to 19990208
Thanks to: Michael Graff, Charles Hannum.
Reported in NetBSD Security Advisory: SA1999-002

Index: src/usr.bin/netstat/main.c
===================================================================
RCS file: /cvsroot/src/usr.bin/netstat/main.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -c -r1.19 -r1.20
*** main.c      1999/01/15 19:06:25     1.19
--- main.c      1999/02/08 11:34:36     1.20
***************
*** 1,4 ****
! /*    $NetBSD: main.c,v 1.19 1999/01/15 19:06:25 kml Exp $    */

 /*
  * Copyright (c) 1983, 1988, 1993
--- 1,4 ----
! /*    $NetBSD: main.c,v 1.20 1999/02/08 11:34:36 explorer Exp $       */

 /*
  * Copyright (c) 1983, 1988, 1993
***************
*** 43,49 ****
 #if 0
 static char sccsid[] = "from: @(#)main.c      8.4 (Berkeley) 3/1/94";
 #else
! __RCSID("$NetBSD: main.c,v 1.19 1999/01/15 19:06:25 kml Exp $");
 #endif
 #endif /* not lint */

--- 43,49 ----
 #if 0
 static char sccsid[] = "from: @(#)main.c      8.4 (Berkeley) 3/1/94";
 #else
! __RCSID("$NetBSD: main.c,v 1.20 1999/02/08 11:34:36 explorer Exp $");
 #endif
 #endif /* not lint */

***************
*** 354,360 ****
        * from kernel memory, otherwise switch back to kmem for the
        * duration of the kvm_openfiles() call.
        */
!       if (nlistf != NULL || memf != NULL)
               (void)setgid(getgid());
       else
               (void)setegid(egid);
--- 354,360 ----
        * from kernel memory, otherwise switch back to kmem for the
        * duration of the kvm_openfiles() call.
        */
!       if (nlistf != NULL || memf != NULL || Pflag)
               (void)setgid(getgid());
       else
               (void)setegid(egid);