diff options
Diffstat (limited to 'sway/main.c')
-rw-r--r-- | sway/main.c | 43 |
1 files changed, 33 insertions, 10 deletions
diff --git a/sway/main.c b/sway/main.c index b9549b12..82375e0b 100644 --- a/sway/main.c +++ b/sway/main.c | |||
@@ -1,4 +1,4 @@ | |||
1 | #define _XOPEN_SOURCE 500 | 1 | #define _XOPEN_SOURCE 700 |
2 | #define _POSIX_C_SOURCE 200112L | 2 | #define _POSIX_C_SOURCE 200112L |
3 | #include <stdio.h> | 3 | #include <stdio.h> |
4 | #include <stdlib.h> | 4 | #include <stdlib.h> |
@@ -27,6 +27,7 @@ | |||
27 | #include "stringop.h" | 27 | #include "stringop.h" |
28 | #include "sway.h" | 28 | #include "sway.h" |
29 | #include "log.h" | 29 | #include "log.h" |
30 | #include "util.h" | ||
30 | 31 | ||
31 | static bool terminate_request = false; | 32 | static bool terminate_request = false; |
32 | static int exit_value = 0; | 33 | static int exit_value = 0; |
@@ -209,6 +210,27 @@ static void security_sanity_check() { | |||
209 | #endif | 210 | #endif |
210 | } | 211 | } |
211 | 212 | ||
213 | static void executable_sanity_check() { | ||
214 | #ifdef __linux__ | ||
215 | struct stat sb; | ||
216 | char *exe = realpath("/proc/self/exe", NULL); | ||
217 | stat(exe, &sb); | ||
218 | // We assume that cap_get_file returning NULL implies ENODATA | ||
219 | if (sb.st_mode & (S_ISUID|S_ISGID) && cap_get_file(exe)) { | ||
220 | sway_log(L_ERROR, | ||
221 | "sway executable has both the s(g)uid bit AND file caps set."); | ||
222 | sway_log(L_ERROR, | ||
223 | "This is strongly discouraged (and completely broken)."); | ||
224 | sway_log(L_ERROR, | ||
225 | "Please clear one of them (either the suid bit, or the file caps)."); | ||
226 | sway_log(L_ERROR, | ||
227 | "If unsure, strip the file caps."); | ||
228 | exit(EXIT_FAILURE); | ||
229 | } | ||
230 | free(exe); | ||
231 | #endif | ||
232 | } | ||
233 | |||
212 | int main(int argc, char **argv) { | 234 | int main(int argc, char **argv) { |
213 | static int verbose = 0, debug = 0, validate = 0; | 235 | static int verbose = 0, debug = 0, validate = 0; |
214 | 236 | ||
@@ -288,6 +310,15 @@ int main(int argc, char **argv) { | |||
288 | } | 310 | } |
289 | } | 311 | } |
290 | 312 | ||
313 | // we need to setup logging before wlc_init in case it fails. | ||
314 | if (debug) { | ||
315 | init_log(L_DEBUG); | ||
316 | } else if (verbose || validate) { | ||
317 | init_log(L_INFO); | ||
318 | } else { | ||
319 | init_log(L_ERROR); | ||
320 | } | ||
321 | |||
291 | if (optind < argc) { // Behave as IPC client | 322 | if (optind < argc) { // Behave as IPC client |
292 | if(optind != 1) { | 323 | if(optind != 1) { |
293 | sway_log(L_ERROR, "Don't use options with the IPC client"); | 324 | sway_log(L_ERROR, "Don't use options with the IPC client"); |
@@ -317,6 +348,7 @@ int main(int argc, char **argv) { | |||
317 | return 0; | 348 | return 0; |
318 | } | 349 | } |
319 | 350 | ||
351 | executable_sanity_check(); | ||
320 | #ifdef __linux__ | 352 | #ifdef __linux__ |
321 | bool suid = false; | 353 | bool suid = false; |
322 | if (getuid() != geteuid() || getgid() != getegid()) { | 354 | if (getuid() != geteuid() || getgid() != getegid()) { |
@@ -329,14 +361,6 @@ int main(int argc, char **argv) { | |||
329 | } | 361 | } |
330 | #endif | 362 | #endif |
331 | 363 | ||
332 | // we need to setup logging before wlc_init in case it fails. | ||
333 | if (debug) { | ||
334 | init_log(L_DEBUG); | ||
335 | } else if (verbose || validate) { | ||
336 | init_log(L_INFO); | ||
337 | } else { | ||
338 | init_log(L_ERROR); | ||
339 | } | ||
340 | wlc_log_set_handler(wlc_log_handler); | 364 | wlc_log_set_handler(wlc_log_handler); |
341 | log_kernel(); | 365 | log_kernel(); |
342 | log_distro(); | 366 | log_distro(); |
@@ -409,4 +433,3 @@ int main(int argc, char **argv) { | |||
409 | 433 | ||
410 | return exit_value; | 434 | return exit_value; |
411 | } | 435 | } |
412 | |||