Allow dropping privs on platforms without setresuid()
This commit is contained in:
parent
47e075383f
commit
5a9b2518be
1 changed files with 10 additions and 1 deletions
11
main.c
11
main.c
|
|
@ -20,7 +20,7 @@
|
||||||
#include "opts.h"
|
#include "opts.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
/* lenght of "gemini://" */
|
/* length of "gemini://" */
|
||||||
#define GEMINI_PART 9
|
#define GEMINI_PART 9
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
@ -121,12 +121,21 @@ drop_privileges(const char *user, const char *path)
|
||||||
chrooted = 1;
|
chrooted = 1;
|
||||||
echdir("/");
|
echdir("/");
|
||||||
/* drop privileges */
|
/* drop privileges */
|
||||||
|
#if defined (__OpenBSD__) || defined(__FreeBSD__)
|
||||||
if (setgroups(1, &pw->pw_gid) ||
|
if (setgroups(1, &pw->pw_gid) ||
|
||||||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
|
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
|
||||||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
|
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
|
||||||
errlog("dropping privileges to user %s (uid=%i) failed",
|
errlog("dropping privileges to user %s (uid=%i) failed",
|
||||||
user, pw->pw_uid);
|
user, pw->pw_uid);
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
if (setgroups(1, &pw->pw_gid) ||
|
||||||
|
setgid(pw->pw_gid) ||
|
||||||
|
setuid(pw->pw_uid)) {
|
||||||
|
errlog("dropping privileges to user %s (uid=%i) failed",
|
||||||
|
user, pw->pw_uid);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#ifdef __OpenBSD__
|
#ifdef __OpenBSD__
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue