From: Thomas Veerman Date: Fri, 27 Jan 2012 14:21:10 +0000 (+0000) Subject: INET: drop privileges upon startup X-Git-Tag: v3.2.0~99 X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/Bv9ARM.ch10.html?a=commitdiff_plain;h=9330d9263976f9c78f41a67f1f57ffe1b1b4e632;p=minix.git INET: drop privileges upon startup --- diff --git a/servers/inet/inet.c b/servers/inet/inet.c index 82c290191..3e3ce0db3 100644 --- a/servers/inet/inet.c +++ b/servers/inet/inet.c @@ -43,6 +43,9 @@ from DL_ETH: #include #include #include +#include +#include +#include #include "mq.h" #include "qp.h" @@ -207,6 +210,7 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info) int timerand, fd; u8_t randbits[32]; struct timeval tv; + struct passwd *pw; #if DEBUG printf("Starting inet...\n"); @@ -281,6 +285,12 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info) ip_panic(("inet: can't subscribe to driver events")); } + /* Drop root privileges */ + if ((pw = getpwnam(SERVICE_LOGIN)) == NULL) + ip_panic(("inet: unable to retrieve uid of SERVICE_LOGIN")); + if (setuid(pw->pw_uid) != 0) + ip_panic(("inet: unable to drop privileges")); + /* Announce we are up. INET announces its presence to VFS just like * any other character driver. */