INET: drop privileges upon startup
This commit is contained in:
parent
becf700bc2
commit
9330d92639
1 changed files with 10 additions and 0 deletions
|
@ -43,6 +43,9 @@ from DL_ETH:
|
||||||
#include <minix/ds.h>
|
#include <minix/ds.h>
|
||||||
#include <minix/endpoint.h>
|
#include <minix/endpoint.h>
|
||||||
#include <minix/chardriver.h>
|
#include <minix/chardriver.h>
|
||||||
|
#include <minix/rs.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <pwd.h>
|
||||||
|
|
||||||
#include "mq.h"
|
#include "mq.h"
|
||||||
#include "qp.h"
|
#include "qp.h"
|
||||||
|
@ -207,6 +210,7 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info)
|
||||||
int timerand, fd;
|
int timerand, fd;
|
||||||
u8_t randbits[32];
|
u8_t randbits[32];
|
||||||
struct timeval tv;
|
struct timeval tv;
|
||||||
|
struct passwd *pw;
|
||||||
|
|
||||||
#if DEBUG
|
#if DEBUG
|
||||||
printf("Starting inet...\n");
|
printf("Starting inet...\n");
|
||||||
|
@ -281,6 +285,12 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info)
|
||||||
ip_panic(("inet: can't subscribe to driver events"));
|
ip_panic(("inet: can't subscribe to driver events"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Drop root privileges */
|
||||||
|
if ((pw = getpwnam(SERVICE_LOGIN)) == NULL)
|
||||||
|
ip_panic(("inet: unable to retrieve uid of SERVICE_LOGIN"));
|
||||||
|
if (setuid(pw->pw_uid) != 0)
|
||||||
|
ip_panic(("inet: unable to drop privileges"));
|
||||||
|
|
||||||
/* Announce we are up. INET announces its presence to VFS just like
|
/* Announce we are up. INET announces its presence to VFS just like
|
||||||
* any other character driver.
|
* any other character driver.
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in a new issue