… | |
… | |
209 | void rxvt_term::emergency_cleanup () |
209 | void rxvt_term::emergency_cleanup () |
210 | { |
210 | { |
211 | if (cmd_pid) |
211 | if (cmd_pid) |
212 | kill (-cmd_pid, SIGHUP); |
212 | kill (-cmd_pid, SIGHUP); |
213 | |
213 | |
214 | #ifdef UTMP_SUPPORT |
|
|
215 | privileged_utmp (RESTORE); |
|
|
216 | #endif |
|
|
217 | |
|
|
218 | delete pty; pty = 0; |
214 | delete pty; pty = 0; |
219 | } |
215 | } |
220 | |
216 | |
221 | rxvt_term::~rxvt_term () |
217 | rxvt_term::~rxvt_term () |
222 | { |
218 | { |
… | |
… | |
600 | char **rxvt_environ; // startup environment |
596 | char **rxvt_environ; // startup environment |
601 | |
597 | |
602 | void |
598 | void |
603 | rxvt_init () |
599 | rxvt_init () |
604 | { |
600 | { |
|
|
601 | uid_t uid = getuid (); |
|
|
602 | gid_t gid = getgid (); |
|
|
603 | |
|
|
604 | // before doing anything else, check for setuid/setgid operation, |
|
|
605 | // start the helper process and drop privileges |
|
|
606 | if (uid != geteuid () |
|
|
607 | || 1 //D |
|
|
608 | || gid != getegid ()) |
|
|
609 | { |
|
|
610 | #if PTYTTY_HELPER |
|
|
611 | rxvt_ptytty_server (); |
|
|
612 | #else |
|
|
613 | rxvt_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); |
|
|
614 | #endif |
|
|
615 | |
|
|
616 | // drop privileges |
|
|
617 | #if HAVE_SETRESUID |
|
|
618 | setresgid (gid, gid, gid); |
|
|
619 | setresuid (uid, uid, uid); |
|
|
620 | #elif HAVE_SETREUID |
|
|
621 | setregid (gid, gid); |
|
|
622 | setreuid (uid, uid); |
|
|
623 | #elif HAVE_SETUID |
|
|
624 | setgid (gid); |
|
|
625 | setuid (uid); |
|
|
626 | #endif |
|
|
627 | |
|
|
628 | if (uid != geteuid () |
|
|
629 | || gid != getegid ()) |
|
|
630 | rxvt_fatal ("unable to drop privileges, aborting.\n"); |
|
|
631 | } |
|
|
632 | |
605 | rxvt_environ = environ; |
633 | rxvt_environ = environ; |
606 | |
634 | |
607 | /* |
635 | /* |
608 | * Save and then give up any super-user privileges |
636 | * Save and then give up any super-user privileges |
609 | * If we need privileges in any area then we must specifically request it. |
637 | * If we need privileges in any area then we must specifically request it. |