--- vixie-cron-4.1.20060426/usr.sbin/cron/crontab.c.orig	2006-04-30 23:34:38 +0000
+++ vixie-cron-4.1.20060426/usr.sbin/cron/crontab.c	2006-05-01 00:11:23 +0000
@@ -286,6 +286,7 @@ check_error(const char *msg) {
 static void
 edit_cmd(void) {
 	char n[MAX_FNAME], q[MAX_TEMPSTR], *editor;
+	const char *tmpdir;
 	FILE *f;
 	int ch, t, x;
 	struct stat statbuf, xstatbuf;
@@ -334,12 +335,24 @@ edit_cmd(void) {
 	(void)signal(SIGINT, SIG_IGN);
 	(void)signal(SIGQUIT, SIG_IGN);
 
+	tmpdir = getenv("TMPDIR");
+	if (!tmpdir || !*tmpdir)
+		tmpdir = "/tmp";
 	if (snprintf(Filename, sizeof Filename, "%s/crontab.XXXXXX",
-	    _PATH_TMP) >= sizeof(Filename)) {
+	    tmpdir) >= sizeof(Filename)) {
 		fprintf(stderr, "path too long\n");
 		goto fatal;
 	}
-	if (-1 == (t = mkstemp(Filename))) {
+	if (swap_gids() < OK) {
+		perror("swapping gids");
+		exit(ERROR_EXIT);
+	}
+	t = mkstemp(Filename);
+	if (swap_gids_back() < OK) {
+		perror("swapping gids back");
+		exit(ERROR_EXIT);
+	}
+	if (t < 0) {
 		perror(Filename);
 		goto fatal;
 	}
@@ -376,7 +389,15 @@ edit_cmd(void) {
 		exit(ERROR_EXIT);
 	}
 #ifndef HAVE_FUTIMES
+	if (swap_gids() < OK) {
+		perror("swapping gids");
+		exit(ERROR_EXIT);
+	}
 	utime(Filename, &utimebuf);
+	if (swap_gids_back() < OK) {
+		perror("swapping gids back");
+		exit(ERROR_EXIT);
+	}
 #else
 	(void)futimes(t, tv);
 #endif
@@ -386,7 +407,14 @@ edit_cmd(void) {
 		fprintf(stderr, "%s: error while writing new crontab to %s\n",
 			ProgramName, Filename);
  fatal:
+		if (swap_gids() < OK) {
+			perror("swapping gids");
+			exit(ERROR_EXIT);
+		}
 		unlink(Filename);
+		if (swap_gids_back() < OK) {
+			perror("swapping gids back");
+		}
 		exit(ERROR_EXIT);
 	}
 
@@ -473,11 +501,19 @@ edit_cmd(void) {
 #else
 	if (timespeccmp(&mtimespec, &statbuf.st_mtimespec, -) == 0) {
 #endif
+		if (swap_gids() < OK) {
+			perror("swapping gids");
+			exit(ERROR_EXIT);
+		}
 		if (lstat(Filename, &xstatbuf) == 0 &&
 		    statbuf.st_ino != xstatbuf.st_ino) {
 			fprintf(stderr, "%s: crontab temp file moved, editor "
 			   "may create backup files improperly\n", ProgramName);
 		}
+		if (swap_gids_back() < OK) {
+			perror("swapping gids back");
+			exit(ERROR_EXIT);
+		}
 		fprintf(stderr, "%s: no changes made to crontab\n",
 			ProgramName);
 		goto remove;
@@ -518,7 +554,15 @@ edit_cmd(void) {
 		goto fatal;
 	}
  remove:
+	if (swap_gids() < OK) {
+		perror("swapping gids");
+		exit(ERROR_EXIT);
+	}
 	unlink(Filename);
+	if (swap_gids_back() < OK) {
+		perror("swapping gids back");
+		exit(ERROR_EXIT);
+	}
  done:
 	log_it(RealUser, Pid, "END EDIT", User);
 }