diff options
| author | 2010-01-30 00:33:05 +0100 | |
|---|---|---|
| committer | 2010-01-30 00:33:05 +0100 | |
| commit | db1429f4ab24433ec1b98721230305ed043aba66 (patch) | |
| tree | 5a99ce10bfcc7259612dd79ab7efe740656498d4 | |
| parent | 9ff690acc10bce8307cfba809a5998b218589e16 (diff) | |
| download | usbmuxd-db1429f4ab24433ec1b98721230305ed043aba66.tar.gz usbmuxd-db1429f4ab24433ec1b98721230305ed043aba66.tar.bz2 | |
Do not attempt to drop privs to root
| -rw-r--r-- | daemon/main.c | 51 | 
1 files changed, 27 insertions, 24 deletions
| diff --git a/daemon/main.c b/daemon/main.c index 0557f0e..363f3d5 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -525,32 +525,35 @@ int main(int argc, char *argv[])  			res = -1;  			goto terminate;  		} +		if (pw->pw_uid == 0) { +			usbmuxd_log(LL_INFO, "Not dropping privileges to root"); +		} else { +			if ((res = initgroups(drop_user, pw->pw_gid)) < 0) { +				usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set supplementary groups)"); +				goto terminate; +			} +			if ((res = setgid(pw->pw_gid)) < 0) { +				usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set group ID to %d)", pw->pw_gid); +				goto terminate; +			} +			if ((res = setuid(pw->pw_uid)) < 0) { +				usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set user ID to %d)", pw->pw_uid); +				goto terminate; +			} -		if ((res = initgroups(drop_user, pw->pw_gid)) < 0) { -			usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set supplementary groups)"); -			goto terminate; -		} -		if ((res = setgid(pw->pw_gid)) < 0) { -			usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set group ID to %d)", pw->pw_gid); -			goto terminate; -		} -		if ((res = setuid(pw->pw_uid)) < 0) { -			usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set user ID to %d)", pw->pw_uid); -			goto terminate; -		} - -		// security check -		if (setuid(0) != -1) { -			usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!"); -			res = -1; -			goto terminate; -		} -		if (getuid() != pw->pw_uid || getgid() != pw->pw_gid) { -			usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!"); -			res = -1; -			goto terminate; +			// security check +			if (setuid(0) != -1) { +				usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!"); +				res = -1; +				goto terminate; +			} +			if (getuid() != pw->pw_uid || getgid() != pw->pw_gid) { +				usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!"); +				res = -1; +				goto terminate; +			} +			usbmuxd_log(LL_NOTICE, "Successfully dropped privileges to '%s'", drop_user);  		} -		usbmuxd_log(LL_NOTICE, "Successfully dropped privileges to '%s'", drop_user);  	}  	client_init(); | 
