authorLaurent Ghigonis <laurent@p1sec.com>2012-12-02 22:11:09 +0100
committerLaurent Ghigonis <laurent@p1sec.com>2012-12-02 22:11:39 +0100
commit1513101a3f80ff9a3e6e9c66cf10482d8e60b8aa (patch)
treeeae6bb9f9826da5ae00c70e4616c39ff0348eedd
parentuse a variable to store dedicated USER _glougloud (diff)
droppriv(): ability not to chroot, and to chroot in a specific directory
WARNING: droppriv() API breakage
-rw-r--r--libglouglou/libglouglou.h2
-rw-r--r--libglouglou/utils.c10
2 files changed, 8 insertions, 4 deletions
diff --git a/libglouglou/libglouglou.h b/libglouglou/libglouglou.h
index d66b9f1..690d728 100644
--- a/libglouglou/libglouglou.h
+++ b/libglouglou/libglouglou.h
@@ -190,6 +190,6 @@ void *xcalloc(size_t, size_t);
void fd_nonblock(int);
void addrcpy(struct sockaddr_in *, struct sockaddr_in *);
int addrcmp(struct sockaddr_in *, struct sockaddr_in *);
-void droppriv(char *);
+void droppriv(char *, int, char *);
#endif /* _LIBGLOUGLOU_H_ */
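Review bot: The new prototype `void droppriv(char *, int, char *);` gives callers no hint of what the `int` controls, or that a NULL third argument falls back to the user's home directory. Passing 0 turns off chroot confinement entirely, so the contract deserves a comment above the declaration, e.g. `/* droppriv(user, do_chroot, chroot_path): do_chroot == 0 skips chroot(); chroot_path == NULL uses the user's pw_dir */`. Judging by the part of the body visible in utils.c, both pointers could be `const char *`, though the rest of that function is outside the diff.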
diff --git a/libglouglou/utils.c b/libglouglou/utils.c
index 9915bf2..8ca3660 100644
--- a/libglouglou/utils.c
+++ b/libglouglou/utils.c
@@ -174,15 +174,19 @@ addrcmp(struct sockaddr_in *a, struct sockaddr_in *b)
}
void
-droppriv(char *user)
+droppriv(char *user, int do_chroot, char *chroot_path)
{
struct passwd *pw;
pw = getpwnam(user);
if (!pw)
err(1, "unknown user %s", user);
- if (chroot(pw->pw_dir) != 0)
- err(1, "unable to chroot");
+ if (do_chroot) {
+ if (!chroot_path)
+ chroot_path = pw->pw_dir;
+ if (chroot(chroot_path) != 0)
+ err(1, "unable to chroot");
+ }
if (chdir("/") != 0)
err(1, "unable to chdir");
if (setgroups(1, &pw->pw_gid) == -1)
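Review bot: In the new `if (do_chroot)` block, a non-NULL `chroot_path` is silently ignored when `do_chroot` is 0, so a caller that sets a path but forgets the flag drops privileges with no filesystem confinement and no diagnostic. Consider rejecting that combination up front, e.g. `if (!do_chroot && chroot_path) errx(1, "chroot_path set but chroot disabled");`, or deriving the flag from the path. Since the target is no longer always `pw->pw_dir`, the failure message should name it: `err(1, "unable to chroot to %s", chroot_path);`. The hunk shows no check that the chosen directory is root-owned and not writable by `user`; if the callers do not guarantee that, a comment stating the requirement would help. droppriv() continues past the end of the hunk, so the setgroups and uid/gid handling is not reviewed here.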