… | |
… | |
25 | |
25 | |
26 | #include "../config.h" |
26 | #include "../config.h" |
27 | |
27 | |
28 | #include "ptytty.h" |
28 | #include "ptytty.h" |
29 | |
29 | |
30 | // helper/proxy support |
|
|
31 | |
|
|
32 | #if PTYTTY_HELPER |
|
|
33 | |
|
|
34 | #include <csignal> |
30 | #include <csignal> |
35 | |
31 | |
36 | #include <sys/types.h> |
32 | #include <sys/types.h> |
37 | #include <sys/socket.h> |
33 | #include <sys/socket.h> |
38 | #include <unistd.h> |
34 | #include <unistd.h> |
39 | #include <fcntl.h> |
35 | #include <fcntl.h> |
|
|
36 | |
|
|
37 | // helper/proxy support |
|
|
38 | |
|
|
39 | #if PTYTTY_HELPER |
40 | |
40 | |
41 | static int sock_fd = -1, lock_fd = -1; |
41 | static int sock_fd = -1, lock_fd = -1; |
42 | static int helper_pid, owner_pid; |
42 | static int helper_pid, owner_pid; |
43 | |
43 | |
44 | struct command |
44 | struct command |
… | |
… | |
123 | |
123 | |
124 | ptytty_proxy::~ptytty_proxy () |
124 | ptytty_proxy::~ptytty_proxy () |
125 | { |
125 | { |
126 | if (id) |
126 | if (id) |
127 | { |
127 | { |
|
|
128 | close (pty); |
|
|
129 | |
128 | NEED_TOKEN; |
130 | NEED_TOKEN; |
129 | |
131 | |
130 | command cmd; |
132 | command cmd; |
131 | |
133 | |
132 | cmd.type = command::destroy; |
134 | cmd.type = command::destroy; |
… | |
… | |
303 | || gid != getegid ()) |
305 | || gid != getegid ()) |
304 | { |
306 | { |
305 | #if PTYTTY_HELPER |
307 | #if PTYTTY_HELPER |
306 | use_helper (); |
308 | use_helper (); |
307 | #else |
309 | #else |
308 | ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); |
310 | ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n", 0); |
309 | #endif |
311 | #endif |
310 | |
312 | |
311 | drop_privileges (); |
313 | drop_privileges (); |
312 | } |
314 | } |
313 | } |
315 | } |
… | |
… | |
326 | setregid (gid, gid); |
328 | setregid (gid, gid); |
327 | setreuid (uid, uid); |
329 | setreuid (uid, uid); |
328 | #elif HAVE_SETUID |
330 | #elif HAVE_SETUID |
329 | setgid (gid); |
331 | setgid (gid); |
330 | setuid (uid); |
332 | setuid (uid); |
|
|
333 | #else |
|
|
334 | # error no way to drop privileges, configure failed? |
331 | #endif |
335 | #endif |
332 | |
336 | |
333 | if (uid != geteuid () |
337 | if (uid != geteuid () |
334 | || gid != getegid ()) |
338 | || gid != getegid ()) |
335 | ptytty_fatal ("unable to drop privileges, aborting.\n"); |
339 | ptytty_fatal ("unable to drop privileges, aborting.\n"); |