andreabont/Project-Riddle
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix drop priv

Browse source
This commit is contained in:
Andrea Bontempi 2012-05-23 12:53:06 +02:00
commit 3678ac11a5
1 changed files with 27 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

36
Riddle.cpp
View file

@ -49,15 +49,33 @@ int main(int argc, char **argv) {
cout<<desc<<"\n";
return 1;
}
#ifdef __linux__
int realuid, effectiveuid;
if (vm.count("secure"))
{
if (getuid() != 0)
{
cerr << "ERROR> To use the \"secure\" option the program must run as root." << endl;
return EXIT_FAILURE;
}
realuid = getuid(); // UID del lanciatore
effectiveuid = geteuid(); // UID del proprietario
if(realuid == -1 || effectiveuid == -1)
{
cerr << "ERROR >> Can't read real and effective UID." << endl;
return EXIT_FAILURE;
}
if(effectiveuid)
{
cerr << "ERROR >> To use the \"secure\" option the program must be owned by root and must have enabled the sticky bit. (EUID = " << effectiveuid << ")" << endl;
return EXIT_FAILURE;
}
if (!realuid)
{
cerr << "ERROR >> To use the \"secure\" option the program must't run as root. (RUID = " << realuid << ")" << endl;
return EXIT_FAILURE;
}
}
#endif
@ -102,11 +120,11 @@ int main(int argc, char **argv) {
#ifdef __linux__
if (vm.count("secure"))
{
cerr << ">> Drop root privileges." << endl;
seteuid(1000); // TODO Select uid.
cerr << ">> Drop root privileges. Set Real UID to '" << realuid << "'" << endl;
seteuid(realuid);
}
#endif
if (vm.count("filter"))
{
string filter = vm["filter"].as<string>();