From 93f9bb4a577e42b63048bd23715cf78feed3c379 Mon Sep 17 00:00:00 2001
From: Philip Homburg <philip@cs.vu.nl>
Date: Fri, 27 Apr 2007 12:27:40 +0000
Subject: [PATCH] Restrict access to rs to root's processes.

---
 servers/rs/main.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/servers/rs/main.c b/servers/rs/main.c
index a1135882d..0c3ff6272 100644
--- a/servers/rs/main.c
+++ b/servers/rs/main.c
@@ -40,6 +40,7 @@ PUBLIC int main(void)
   int result;                 			/* result to return */
   sigset_t sigset;				/* system signal set */
   int s;
+  uid_t euid;
 
   /* Initialize the server, then go to work. */
   init_server();	
@@ -83,6 +84,17 @@ PUBLIC int main(void)
        * Handle the request and send a reply to the caller. 
        */
       else {	
+	  /* Only root can make calls to rs */
+	  euid= getpeuid(m.m_source);
+	  if (euid != 0)
+	  {
+		printf("RS: got unauthorized request from endpoint %d\n",
+			m.m_source);
+		m.m_type = EPERM;
+		reply(who_e, &m);
+		continue;
+	  }
+
           switch(call_nr) {
           case RS_UP: 		result = do_up(&m, FALSE, 0); break;
           case RS_UP_COPY:	result = do_up(&m, TRUE, 0); break;
-- 
2.44.0