X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/91a5c5da51e5b1ffcb8990c9a42ac70668901d41..4254cbe7d10a03bb4ab5e1d98cc1c1d25202adee:/tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index fcf5be8e..059d2546 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -30,7 +30,7 @@ static const char copyright[] =
     "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
 The Regents of the University of California.  All rights reserved.\n";
 static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.207 2003-05-22 16:33:07 hannes Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.209 2003-06-03 23:32:42 guy Exp $ (LBL)";
 #endif
 
 /*
@@ -608,21 +608,24 @@ main(int argc, char **argv)
 		thiszone = gmt2local(0);
 
 	if (RFileName != NULL) {
+#ifndef WIN32
 		/*
-		 * We don't need network access, so set it back to the user id.
-		 * Also, this prevents the user from reading anyone's
-		 * trace file.
+		 * We don't need network access, so relinquish any set-UID
+		 * or set-GID privileges we have (if any).
+		 *
+		 * We do *not* want set-UID privileges when opening a
+		 * trace file, as that might let the user read other
+		 * people's trace files (especially if we're set-UID
+		 * root).
 		 */
-#ifndef WIN32
 		setuid(getuid());
 #endif /* WIN32 */
-
 		pd = pcap_open_offline(RFileName, ebuf);
+		if (pd == NULL)
+			error("%s", ebuf);
                 printf("reading from file %s, link-type %u\n",
 		       RFileName,
 		       pcap_datalink(pd));
-		if (pd == NULL)
-			error("%s", ebuf);
 		localnet = 0;
 		netmask = 0;
 		if (fflag != 0)
@@ -749,7 +752,7 @@ main(int argc, char **argv)
 		} else
 			(void)fprintf(stderr, "%s: ", program_name);
 		(void)fprintf(stderr, "listening on %s, link-type %u, capture size %u bytes\n",
-		    device, type, snaplen);
+		    device, pcap_datalink(pd), snaplen);
 		(void)fflush(stderr);
 	}
 #endif /* WIN32 */