| 1 |
// This file is part of libptytty. Do not make local modifications. |
| 2 |
// http://software.schmorp.de/pkg/libptytty |
| 3 |
|
| 4 |
/*----------------------------------------------------------------------* |
| 5 |
* File: ptytty.C |
| 6 |
*----------------------------------------------------------------------* |
| 7 |
* |
| 8 |
* All portions of code are copyright by their respective author/s. |
| 9 |
* Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
| 10 |
* Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com> |
| 11 |
* |
| 12 |
* This program is free software; you can redistribute it and/or modify |
| 13 |
* it under the terms of the GNU General Public License as published by |
| 14 |
* the Free Software Foundation; either version 2 of the License, or |
| 15 |
* (at your option) any later version. |
| 16 |
* |
| 17 |
* This program is distributed in the hope that it will be useful, |
| 18 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 19 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 20 |
* GNU General Public License for more details. |
| 21 |
* |
| 22 |
* You should have received a copy of the GNU General Public License |
| 23 |
* along with this program; if not, write to the Free Software |
| 24 |
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 25 |
*---------------------------------------------------------------------*/ |
| 26 |
|
| 27 |
#include "../config.h" |
| 28 |
|
| 29 |
#include "ptytty.h" |
| 30 |
|
| 31 |
#include <cstdlib> |
| 32 |
#include <cstring> |
| 33 |
|
| 34 |
#include <sys/types.h> |
| 35 |
#include <sys/socket.h> |
| 36 |
#include <unistd.h> |
| 37 |
#include <fcntl.h> |
| 38 |
|
| 39 |
#ifdef HAVE_SYS_IOCTL_H |
| 40 |
# include <sys/ioctl.h> |
| 41 |
#endif |
| 42 |
#if defined(HAVE_DEV_PTMX) && defined(HAVE_SYS_STROPTS_H) |
| 43 |
# include <sys/stropts.h> /* for I_PUSH */ |
| 44 |
#endif |
| 45 |
#ifdef HAVE_ISASTREAM |
| 46 |
# include <stropts.h> |
| 47 |
#endif |
| 48 |
#if defined(HAVE_PTY_H) |
| 49 |
# include <pty.h> |
| 50 |
#elif defined(HAVE_LIBUTIL_H) |
| 51 |
# include <libutil.h> |
| 52 |
#elif defined(HAVE_UTIL_H) |
| 53 |
# include <util.h> |
| 54 |
#endif |
| 55 |
#ifdef TTY_GID_SUPPORT |
| 56 |
#include <grp.h> |
| 57 |
#endif |
| 58 |
|
| 59 |
#include <cstdio> |
| 60 |
|
| 61 |
///////////////////////////////////////////////////////////////////////////// |
| 62 |
|
| 63 |
/* ------------------------------------------------------------------------- * |
| 64 |
* GET PSEUDO TELETYPE - MASTER AND SLAVE * |
| 65 |
* ------------------------------------------------------------------------- */ |
| 66 |
/* |
| 67 |
* Returns pty file descriptor, or -1 on failure |
| 68 |
* If successful, ttydev is set to the name of the slave device. |
| 69 |
* fd_tty _may_ also be set to an open fd to the slave device |
| 70 |
*/ |
| 71 |
#if defined(UNIX98_PTY) |
| 72 |
static int |
| 73 |
get_pty (int *fd_tty, char **ttydev) |
| 74 |
{ |
| 75 |
int pfd; |
| 76 |
|
| 77 |
# if defined(HAVE_GETPT) |
| 78 |
pfd = getpt(); |
| 79 |
# elif defined(HAVE_POSIX_OPENPT) |
| 80 |
pfd = posix_openpt (O_RDWR); |
| 81 |
# else |
| 82 |
pfd = open (CLONE_DEVICE, O_RDWR | O_NOCTTY, 0); |
| 83 |
# endif |
| 84 |
if (pfd >= 0) |
| 85 |
{ |
| 86 |
if (grantpt (pfd) == 0 /* change slave permissions */ |
| 87 |
&& unlockpt (pfd) == 0) |
| 88 |
{ /* slave now unlocked */ |
| 89 |
*ttydev = strdup (ptsname (pfd)); /* get slave's name */ |
| 90 |
return pfd; |
| 91 |
} |
| 92 |
|
| 93 |
close (pfd); |
| 94 |
} |
| 95 |
|
| 96 |
return -1; |
| 97 |
} |
| 98 |
#elif defined(HAVE_OPENPTY) |
| 99 |
static int |
| 100 |
get_pty (int *fd_tty, char **ttydev) |
| 101 |
{ |
| 102 |
int pfd; |
| 103 |
int res; |
| 104 |
char tty_name[32]; |
| 105 |
|
| 106 |
res = openpty (&pfd, fd_tty, tty_name, NULL, NULL); |
| 107 |
if (res != -1) |
| 108 |
{ |
| 109 |
*ttydev = strdup (tty_name); |
| 110 |
return pfd; |
| 111 |
} |
| 112 |
|
| 113 |
return -1; |
| 114 |
} |
| 115 |
#elif defined(HAVE__GETPTY) |
| 116 |
static int |
| 117 |
get_pty (int *fd_tty, char **ttydev) |
| 118 |
{ |
| 119 |
int pfd; |
| 120 |
|
| 121 |
*ttydev = _getpty (&pfd, O_RDWR | O_NONBLOCK | O_NOCTTY, 0622, 0); |
| 122 |
if (*ttydev != NULL) |
| 123 |
return pfd; |
| 124 |
|
| 125 |
return -1; |
| 126 |
} |
| 127 |
#elif defined(HAVE_DEV_PTC) |
| 128 |
static int |
| 129 |
get_pty (int *fd_tty, char **ttydev) |
| 130 |
{ |
| 131 |
int pfd; |
| 132 |
|
| 133 |
if ((pfd = open ("/dev/ptc", O_RDWR | O_NOCTTY, 0)) >= 0) |
| 134 |
{ |
| 135 |
*ttydev = strdup (ttyname (pfd)); |
| 136 |
return pfd; |
| 137 |
} |
| 138 |
|
| 139 |
return -1; |
| 140 |
} |
| 141 |
#elif defined(HAVE_DEV_CLONE) |
| 142 |
static int |
| 143 |
get_pty (int *fd_tty, char **ttydev) |
| 144 |
{ |
| 145 |
int pfd; |
| 146 |
|
| 147 |
if ((pfd = open ("/dev/ptym/clone", O_RDWR | O_NOCTTY, 0)) >= 0) |
| 148 |
{ |
| 149 |
*ttydev = strdup (ptsname (pfd)); |
| 150 |
return pfd; |
| 151 |
} |
| 152 |
|
| 153 |
return -1; |
| 154 |
} |
| 155 |
#else |
| 156 |
/* Based on the code in openssh/openbsd-compat/bsd-openpty.c */ |
| 157 |
static int |
| 158 |
get_pty (int *fd_tty, char **ttydev) |
| 159 |
{ |
| 160 |
int pfd; |
| 161 |
int i; |
| 162 |
char pty_name[32]; |
| 163 |
char tty_name[32]; |
| 164 |
const char *majors = "pqrstuvwxyzabcde"; |
| 165 |
const char *minors = "0123456789abcdef"; |
| 166 |
for (i = 0; i < 256; i++) |
| 167 |
{ |
| 168 |
snprintf(pty_name, 32, "/dev/pty%c%c", majors[i / 16], minors[i % 16]); |
| 169 |
snprintf(tty_name, 32, "/dev/tty%c%c", majors[i / 16], minors[i % 16]); |
| 170 |
if ((pfd = open (pty_name, O_RDWR | O_NOCTTY, 0)) == -1) |
| 171 |
{ |
| 172 |
snprintf(pty_name, 32, "/dev/ptyp%d", i); |
| 173 |
snprintf(tty_name, 32, "/dev/ttyp%d", i); |
| 174 |
if ((pfd = open (pty_name, O_RDWR | O_NOCTTY, 0)) == -1) |
| 175 |
continue; |
| 176 |
} |
| 177 |
if (access (tty_name, R_OK | W_OK) == 0) |
| 178 |
{ |
| 179 |
*ttydev = strdup (tty_name); |
| 180 |
return pfd; |
| 181 |
} |
| 182 |
|
| 183 |
close (pfd); |
| 184 |
} |
| 185 |
} |
| 186 |
#endif |
| 187 |
|
| 188 |
/*----------------------------------------------------------------------*/ |
| 189 |
/* |
| 190 |
* Returns tty file descriptor, or -1 on failure |
| 191 |
*/ |
| 192 |
static int |
| 193 |
get_tty (char *ttydev) |
| 194 |
{ |
| 195 |
return open (ttydev, O_RDWR | O_NOCTTY, 0); |
| 196 |
} |
| 197 |
|
| 198 |
/*----------------------------------------------------------------------*/ |
| 199 |
/* |
| 200 |
* Make our tty a controlling tty so that /dev/tty points to us |
| 201 |
*/ |
| 202 |
static int |
| 203 |
control_tty (int fd_tty) |
| 204 |
{ |
| 205 |
setsid (); |
| 206 |
|
| 207 |
#if defined(HAVE_DEV_PTMX) && defined(I_PUSH) |
| 208 |
/* |
| 209 |
* Push STREAMS modules: |
| 210 |
* ptem: pseudo-terminal hardware emulation module. |
| 211 |
* ldterm: standard terminal line discipline. |
| 212 |
* ttcompat: V7, 4BSD and XENIX STREAMS compatibility module. |
| 213 |
* |
| 214 |
* After we push the STREAMS modules, the first open () on the slave side |
| 215 |
* (i.e. the next section between the dashes giving us "tty opened OK") |
| 216 |
* should make the "ptem" (or "ldterm" depending upon either which OS |
| 217 |
* version or which set of manual pages you have) module give us a |
| 218 |
* controlling terminal. We must already have close ()d the master side |
| 219 |
* fd in this child process before we push STREAMS modules on because the |
| 220 |
* documentation is really unclear about whether it is any close () on |
| 221 |
* the master side or the last close () - i.e. a proper STREAMS dismantling |
| 222 |
* close () - on the master side which causes a hang up to be sent |
| 223 |
* through - Geoff Wing |
| 224 |
*/ |
| 225 |
# ifdef HAVE_ISASTREAM |
| 226 |
if (isastream (fd_tty) == 1) |
| 227 |
# endif |
| 228 |
{ |
| 229 |
ioctl (fd_tty, I_PUSH, "ptem"); |
| 230 |
ioctl (fd_tty, I_PUSH, "ldterm"); |
| 231 |
ioctl (fd_tty, I_PUSH, "ttcompat"); |
| 232 |
} |
| 233 |
#endif |
| 234 |
|
| 235 |
ioctl (fd_tty, TIOCSCTTY, NULL); |
| 236 |
|
| 237 |
int fd = open ("/dev/tty", O_WRONLY); |
| 238 |
if (fd < 0) |
| 239 |
return -1; /* fatal */ |
| 240 |
|
| 241 |
close (fd); |
| 242 |
|
| 243 |
return 0; |
| 244 |
} |
| 245 |
|
| 246 |
void |
| 247 |
ptytty::close_tty () |
| 248 |
{ |
| 249 |
if (tty < 0) |
| 250 |
return; |
| 251 |
|
| 252 |
close (tty); |
| 253 |
tty = -1; |
| 254 |
} |
| 255 |
|
| 256 |
bool |
| 257 |
ptytty::make_controlling_tty () |
| 258 |
{ |
| 259 |
return control_tty (tty) >= 0; |
| 260 |
} |
| 261 |
|
| 262 |
void |
| 263 |
ptytty::set_utf8_mode (bool on) |
| 264 |
{ |
| 265 |
#ifdef IUTF8 |
| 266 |
if (pty < 0) |
| 267 |
return; |
| 268 |
|
| 269 |
struct termios tio; |
| 270 |
|
| 271 |
if (tcgetattr (pty, &tio) != -1) |
| 272 |
{ |
| 273 |
tcflag_t new_cflag = tio.c_iflag; |
| 274 |
|
| 275 |
if (on) |
| 276 |
new_cflag |= IUTF8; |
| 277 |
else |
| 278 |
new_cflag &= ~IUTF8; |
| 279 |
|
| 280 |
if (new_cflag != tio.c_iflag) |
| 281 |
{ |
| 282 |
tio.c_iflag = new_cflag; |
| 283 |
tcsetattr (pty, TCSANOW, &tio); |
| 284 |
} |
| 285 |
} |
| 286 |
#endif |
| 287 |
} |
| 288 |
|
| 289 |
static struct ttyconf { |
| 290 |
gid_t gid; |
| 291 |
mode_t mode; |
| 292 |
|
| 293 |
ttyconf () |
| 294 |
{ |
| 295 |
#ifdef TTY_GID_SUPPORT |
| 296 |
struct group *gr = getgrnam ("tty"); |
| 297 |
|
| 298 |
if (gr) |
| 299 |
{ /* change group ownership of tty to "tty" */ |
| 300 |
mode = S_IRUSR | S_IWUSR | S_IWGRP; |
| 301 |
gid = gr->gr_gid; |
| 302 |
} |
| 303 |
else |
| 304 |
#endif /* TTY_GID_SUPPORT */ |
| 305 |
{ |
| 306 |
mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; |
| 307 |
gid = 0; |
| 308 |
} |
| 309 |
} |
| 310 |
} ttyconf; |
| 311 |
|
| 312 |
ptytty_unix::ptytty_unix () |
| 313 |
{ |
| 314 |
name = 0; |
| 315 |
#if UTMP_SUPPORT |
| 316 |
cmd_pid = 0; |
| 317 |
#endif |
| 318 |
} |
| 319 |
|
| 320 |
ptytty_unix::~ptytty_unix () |
| 321 |
{ |
| 322 |
#if UTMP_SUPPORT |
| 323 |
logout (); |
| 324 |
#endif |
| 325 |
put (); |
| 326 |
} |
| 327 |
|
| 328 |
void |
| 329 |
ptytty_unix::put () |
| 330 |
{ |
| 331 |
chmod (name, RESTORE_TTY_MODE); |
| 332 |
chown (name, 0, ttyconf.gid); |
| 333 |
|
| 334 |
close_tty (); |
| 335 |
|
| 336 |
if (pty >= 0) |
| 337 |
close (pty); |
| 338 |
|
| 339 |
free (name); |
| 340 |
|
| 341 |
pty = tty = -1; |
| 342 |
name = 0; |
| 343 |
} |
| 344 |
|
| 345 |
bool |
| 346 |
ptytty_unix::get () |
| 347 |
{ |
| 348 |
/* get master (pty) */ |
| 349 |
if ((pty = get_pty (&tty, &name)) < 0) |
| 350 |
return false; |
| 351 |
|
| 352 |
fcntl (pty, F_SETFL, O_NONBLOCK); |
| 353 |
|
| 354 |
/* get slave (tty) */ |
| 355 |
if (tty < 0) |
| 356 |
{ |
| 357 |
#ifndef NO_SETOWNER_TTYDEV |
| 358 |
chown (name, getuid (), ttyconf.gid); /* fail silently */ |
| 359 |
chmod (name, ttyconf.mode); |
| 360 |
# ifdef HAVE_REVOKE |
| 361 |
revoke (name); |
| 362 |
# endif |
| 363 |
#endif |
| 364 |
|
| 365 |
if ((tty = get_tty (name)) < 0) |
| 366 |
{ |
| 367 |
put (); |
| 368 |
return false; |
| 369 |
} |
| 370 |
} |
| 371 |
|
| 372 |
return true; |
| 373 |
} |
| 374 |
|
| 375 |
#if PTYTTY_HELPER |
| 376 |
|
| 377 |
static int sock_fd = -1; |
| 378 |
static int helper_pid, owner_pid; |
| 379 |
|
| 380 |
struct command |
| 381 |
{ |
| 382 |
enum { get, login, destroy } type; |
| 383 |
|
| 384 |
ptytty *id; |
| 385 |
|
| 386 |
bool login_shell; |
| 387 |
int cmd_pid; |
| 388 |
char hostname[512]; // arbitrary, but should be plenty |
| 389 |
}; |
| 390 |
|
| 391 |
struct ptytty_proxy : ptytty |
| 392 |
{ |
| 393 |
ptytty *id; |
| 394 |
|
| 395 |
ptytty_proxy () |
| 396 |
: id(0) |
| 397 |
{ |
| 398 |
} |
| 399 |
|
| 400 |
~ptytty_proxy (); |
| 401 |
|
| 402 |
bool get (); |
| 403 |
void login (int cmd_pid, bool login_shell, const char *hostname); |
| 404 |
}; |
| 405 |
|
| 406 |
bool |
| 407 |
ptytty_proxy::get () |
| 408 |
{ |
| 409 |
command cmd; |
| 410 |
|
| 411 |
cmd.type = command::get; |
| 412 |
|
| 413 |
write (sock_fd, &cmd, sizeof (cmd)); |
| 414 |
|
| 415 |
if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
| 416 |
ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
| 417 |
|
| 418 |
if (!id) |
| 419 |
return false; |
| 420 |
|
| 421 |
if ((pty = recv_fd (sock_fd)) < 0 |
| 422 |
|| (tty = recv_fd (sock_fd)) < 0) |
| 423 |
ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
| 424 |
|
| 425 |
return true; |
| 426 |
} |
| 427 |
|
| 428 |
void |
| 429 |
ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
| 430 |
{ |
| 431 |
command cmd; |
| 432 |
|
| 433 |
cmd.type = command::login; |
| 434 |
cmd.id = id; |
| 435 |
cmd.cmd_pid = cmd_pid; |
| 436 |
cmd.login_shell = login_shell; |
| 437 |
strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
| 438 |
|
| 439 |
write (sock_fd, &cmd, sizeof (cmd)); |
| 440 |
} |
| 441 |
|
| 442 |
ptytty_proxy::~ptytty_proxy () |
| 443 |
{ |
| 444 |
if (id) |
| 445 |
{ |
| 446 |
command cmd; |
| 447 |
|
| 448 |
cmd.type = command::destroy; |
| 449 |
cmd.id = id; |
| 450 |
|
| 451 |
write (sock_fd, &cmd, sizeof (cmd)); |
| 452 |
} |
| 453 |
} |
| 454 |
|
| 455 |
static |
| 456 |
void serve () |
| 457 |
{ |
| 458 |
command cmd; |
| 459 |
vector<ptytty *> ptys; |
| 460 |
|
| 461 |
while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) |
| 462 |
{ |
| 463 |
if (cmd.type == command::get) |
| 464 |
{ |
| 465 |
// -> id ptyfd ttyfd |
| 466 |
cmd.id = new ptytty_unix; |
| 467 |
|
| 468 |
if (cmd.id->get ()) |
| 469 |
{ |
| 470 |
write (sock_fd, &cmd.id, sizeof (cmd.id)); |
| 471 |
ptys.push_back (cmd.id); |
| 472 |
|
| 473 |
ptytty::send_fd (sock_fd, cmd.id->pty); |
| 474 |
ptytty::send_fd (sock_fd, cmd.id->tty); |
| 475 |
} |
| 476 |
else |
| 477 |
{ |
| 478 |
delete cmd.id; |
| 479 |
cmd.id = 0; |
| 480 |
write (sock_fd, &cmd.id, sizeof (cmd.id)); |
| 481 |
} |
| 482 |
} |
| 483 |
else if (cmd.type == command::login) |
| 484 |
{ |
| 485 |
#if UTMP_SUPPORT |
| 486 |
if (find (ptys.begin (), ptys.end (), cmd.id)) |
| 487 |
{ |
| 488 |
cmd.hostname[sizeof (cmd.hostname) - 1] = 0; |
| 489 |
cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname); |
| 490 |
} |
| 491 |
#endif |
| 492 |
} |
| 493 |
else if (cmd.type == command::destroy) |
| 494 |
{ |
| 495 |
vector<ptytty *>::iterator pty = find (ptys.begin (), ptys.end (), cmd.id); |
| 496 |
|
| 497 |
if (pty != ptys.end ()) |
| 498 |
{ |
| 499 |
delete *pty; |
| 500 |
ptys.erase (pty); |
| 501 |
} |
| 502 |
} |
| 503 |
else |
| 504 |
break; |
| 505 |
} |
| 506 |
|
| 507 |
// destroy all ptys |
| 508 |
for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); ) |
| 509 |
delete *i; |
| 510 |
} |
| 511 |
|
| 512 |
void |
| 513 |
ptytty::use_helper () |
| 514 |
{ |
| 515 |
int pid = getpid (); |
| 516 |
|
| 517 |
if (sock_fd >= 0 && pid == owner_pid) |
| 518 |
return; |
| 519 |
|
| 520 |
owner_pid = pid; |
| 521 |
|
| 522 |
int sv[2]; |
| 523 |
|
| 524 |
if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
| 525 |
ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
| 526 |
|
| 527 |
helper_pid = fork (); |
| 528 |
|
| 529 |
if (helper_pid < 0) |
| 530 |
ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
| 531 |
|
| 532 |
if (helper_pid) |
| 533 |
{ |
| 534 |
// client, process |
| 535 |
sock_fd = sv[0]; |
| 536 |
close (sv[1]); |
| 537 |
fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
| 538 |
} |
| 539 |
else |
| 540 |
{ |
| 541 |
// server, pty-helper |
| 542 |
sock_fd = sv[1]; |
| 543 |
|
| 544 |
chdir ("/"); |
| 545 |
|
| 546 |
for (int fd = 0; fd < 1023; fd++) |
| 547 |
if (fd != sock_fd) |
| 548 |
close (fd); |
| 549 |
|
| 550 |
serve (); |
| 551 |
_exit (EXIT_SUCCESS); |
| 552 |
} |
| 553 |
} |
| 554 |
|
| 555 |
#endif |
| 556 |
|
| 557 |
ptytty * |
| 558 |
ptytty::create () |
| 559 |
{ |
| 560 |
#if PTYTTY_HELPER |
| 561 |
if (helper_pid && getpid () == owner_pid) |
| 562 |
// use helper process |
| 563 |
return new ptytty_proxy; |
| 564 |
else |
| 565 |
#endif |
| 566 |
return new ptytty_unix; |
| 567 |
} |
| 568 |
|
| 569 |
void |
| 570 |
ptytty::init () |
| 571 |
{ |
| 572 |
uid_t uid = getuid (); |
| 573 |
gid_t gid = getgid (); |
| 574 |
|
| 575 |
// before doing anything else, check for setuid/setgid operation, |
| 576 |
// start the helper process and drop privileges |
| 577 |
if (uid != geteuid () |
| 578 |
|| gid != getegid ()) |
| 579 |
{ |
| 580 |
#if PTYTTY_HELPER |
| 581 |
use_helper (); |
| 582 |
#else |
| 583 |
ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); |
| 584 |
#endif |
| 585 |
|
| 586 |
drop_privileges (); |
| 587 |
} |
| 588 |
} |
| 589 |
|
| 590 |
void |
| 591 |
ptytty::drop_privileges () |
| 592 |
{ |
| 593 |
uid_t uid = getuid (); |
| 594 |
gid_t gid = getgid (); |
| 595 |
|
| 596 |
// drop privileges |
| 597 |
#if HAVE_SETRESUID |
| 598 |
setresgid (gid, gid, gid); |
| 599 |
setresuid (uid, uid, uid); |
| 600 |
#elif HAVE_SETREUID |
| 601 |
setregid (gid, gid); |
| 602 |
setreuid (uid, uid); |
| 603 |
#elif HAVE_SETUID |
| 604 |
setgid (gid); |
| 605 |
setuid (uid); |
| 606 |
#endif |
| 607 |
|
| 608 |
if (uid != geteuid () |
| 609 |
|| gid != getegid ()) |
| 610 |
ptytty_fatal ("unable to drop privileges, aborting.\n"); |
| 611 |
} |
| 612 |
|
