This file is part of polypaudio.
polypaudio is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
+ it under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU Lesser General Public License
along with polypaudio; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA.
#include "log.h"
#include "caps.h"
+#ifdef HAVE_GETUID
+
+/* Drop root rights when called SUID root */
void pa_drop_root(void) {
uid_t uid = getuid();
if (uid == 0 || geteuid() != 0)
return;
-
- pa_log(__FILE__": dropping root rights.\n");
-
+
+ pa_log_info(__FILE__": dropping root rights.\n");
+
+#if defined(HAVE_SETRESUID)
+ setresuid(uid, uid, uid);
+#elif defined(HAVE_SETREUID)
+ setreuid(uid, uid);
+#else
setuid(uid);
seteuid(uid);
+#endif
}
+#else
+
+void pa_drop_root(void) {
+}
+
+#endif
+
#ifdef HAVE_SYS_CAPABILITY_H
+/* Limit capabilities set to CAPSYS_NICE */
int pa_limit_caps(void) {
int r = -1;
cap_t caps;
if (cap_set_proc(caps) < 0)
goto fail;
- pa_log(__FILE__": dropped capabilities successfully.\n");
+ pa_log_info(__FILE__": dropped capabilities successfully.\n");
r = 0;
return r;
}
+/* Drop all capabilities, effectively becoming a normal user */
int pa_drop_caps(void) {
cap_t caps;
int r = -1;
#else
+/* NOOPs in case capabilities are not available. */
int pa_limit_caps(void) {
return 0;
}