diff options
author | Drew DeVault <sir@cmpwn.com> | 2016-09-27 14:28:14 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-09-27 14:28:14 -0400 |
commit | 4e660975a99cba67526b62dff930b334d550b4b4 (patch) | |
tree | b0c6c2a4ede896dd0a840201c8ae3f77037af7cc | |
parent | Merge pull request #914 from zandrmartin/container-ids (diff) | |
parent | Split setgid and setuid, add privilege check (diff) | |
download | sway-4e660975a99cba67526b62dff930b334d550b4b4.tar.gz sway-4e660975a99cba67526b62dff930b334d550b4b4.tar.zst sway-4e660975a99cba67526b62dff930b334d550b4b4.zip |
Split setgid and setuid, add privilege check [RFC]
-rw-r--r-- | sway/main.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/sway/main.c b/sway/main.c index 972b260b..660da18c 100644 --- a/sway/main.c +++ b/sway/main.c | |||
@@ -156,10 +156,18 @@ int main(int argc, char **argv) { | |||
156 | exit(EXIT_FAILURE); | 156 | exit(EXIT_FAILURE); |
157 | } | 157 | } |
158 | if (getuid() != geteuid() || getgid() != getegid()) { | 158 | if (getuid() != geteuid() || getgid() != getegid()) { |
159 | if (setgid(getgid()) != 0 || setuid(getuid()) != 0) { | 159 | if (setgid(getgid()) != 0) { |
160 | sway_log(L_ERROR, "Unable to drop root"); | 160 | sway_log(L_ERROR, "Unable to drop root"); |
161 | exit(EXIT_FAILURE); | 161 | exit(EXIT_FAILURE); |
162 | } | 162 | } |
163 | if (setuid(getuid()) != 0) { | ||
164 | sway_log(L_ERROR, "Unable to drop root"); | ||
165 | exit(EXIT_FAILURE); | ||
166 | } | ||
167 | } | ||
168 | if (setuid(0) != -1) { | ||
169 | sway_log(L_ERROR, "Root privileges can be restored."); | ||
170 | exit(EXIT_FAILURE); | ||
163 | } | 171 | } |
164 | char *socket_path = getenv("SWAYSOCK"); | 172 | char *socket_path = getenv("SWAYSOCK"); |
165 | if (!socket_path) { | 173 | if (!socket_path) { |