Drop privileges after startup

1 files changed, 23 insertions, 2 deletions

diff --git a/main.c b/main.c
index 157ecbb..8fb36ef 100644
--- a/main.c
+++ b/main.c
@@ -37,6 +37,7 @@
 #include <pthread.h>
 #include <stdint.h>
 #include <usb.h>
+#include <pwd.h>
 
 #include "usbmuxd-proto.h"
 #include "sock_stuff.h"
@@ -1018,7 +1019,27 @@ int main(int argc, char **argv)
 	lock.l_whence = SEEK_SET;
 	lock.l_start = 0;
 	lock.l_len = 0;
-	fcntl(fileno(lfd), F_SETLK, &lock);
+	if (fcntl(fileno(lfd), F_SETLK, &lock) == -1) {
+	    logmsg(LOG_ERR, "ERROR: lockfile locking failed!");
+	}
+    }
+
+    // drop elevated privileges
+    if (getuid() == 0 || geteuid() == 0) {
+	struct passwd *pw = getpwnam("nobody");
+	if (pw) {
+	    setuid(pw->pw_uid);
+	} else {
+	    logmsg(LOG_ERR, "ERROR: Dropping privileges failed, check if user 'nobody' exists! Will now terminate.");
+	    exit(EXIT_FAILURE);
+	}
+
+	// security check
+	if (setuid(0) != -1) {
+	    logmsg(LOG_ERR, "ERROR: Failed to drop privileges properly!");
+	    exit(EXIT_FAILURE);
+	}
+	if (verbose >= 2) logmsg(LOG_NOTICE, "Successfully dropped privileges");
     }
 
     // Reserve space for 10 clients which should be enough. If not, the
@@ -1137,7 +1158,7 @@ int main(int argc, char **argv)
     // unlock lock file and close it.
     if (lfd) {
 	lock.l_type = F_UNLCK;
-	fcntl(fileno(lfd), F_SETLK, lock);
+	fcntl(fileno(lfd), F_SETLK, &lock);
 	fclose(lfd);
     }