Allow dropping privs on platforms without setresuid()

This commit is contained in:
Mike Barnes 2022-01-29 16:14:37 +11:00
parent 47e075383f
commit 5a9b2518be
1 changed files with 10 additions and 1 deletions

11
main.c
View File

@ -20,7 +20,7 @@
#include "opts.h"
#include "utils.h"
/* lenght of "gemini://" */
/* length of "gemini://" */
#define GEMINI_PART 9
/*
@ -121,12 +121,21 @@ drop_privileges(const char *user, const char *path)
chrooted = 1;
echdir("/");
/* drop privileges */
#if defined (__OpenBSD__) || defined(__FreeBSD__)
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
errlog("dropping privileges to user %s (uid=%i) failed",
user, pw->pw_uid);
}
#else
if (setgroups(1, &pw->pw_gid) ||
setgid(pw->pw_gid) ||
setuid(pw->pw_uid)) {
errlog("dropping privileges to user %s (uid=%i) failed",
user, pw->pw_uid);
}
#endif
}
#ifdef __OpenBSD__
/*