$NetBSD: patch-ar,v 1.1 2006/08/09 17:31:10 salo Exp $

Security fix for SA21402.

--- clients/ksu/main.c.orig	2002-08-14 21:14:49.000000000 +0200
+++ clients/ksu/main.c	2006-08-09 18:52:53.000000000 +0200
@@ -892,8 +892,11 @@ static void sweep_up(context, cc)
     const char * cc_name;
     struct stat  st_temp;
 
-    krb5_seteuid(0);
-    krb5_seteuid(target_uid);
+    if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) {
+	com_err(prog_name, errno,
+		"while returning to source uid for destroying ccache");
+	exit(1);
+    }
     
     cc_name = krb5_cc_get_name(context, cc);
     if ( ! stat(cc_name, &st_temp)){
