From: Mike Pritchard
To: freebsd-bugs@FreeBSD.org
Subject: Re: bin/108523: [patch] daemon(8): support for dropping privileges
Date: Mon, 29 Jan 2007 21:30:22 GMT
Message-Id: <200701292130.l0TLUM2r093285@freefall.freebsd.org>

The following reply was made to PR bin/108523; it has been noted by GNATS.

From: Mike Pritchard
To: Dmitri Alenitchev
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/108523: [patch] daemon(8): support for dropping privileges
Date: Mon, 29 Jan 2007 14:59:21 -0600

On Mon, Jan 29, 2007 at 09:13:23PM +0300, Dmitri Alenitchev wrote:
>
> >Number: 108523
> >Category: bin
> >Synopsis: [patch] daemon(8): support for dropping privileges
> >Description:
> support for dropping privileges to specified user and/or group
> >How-To-Repeat:
>
> >Fix:
> @@ -109,9 +126,32 @@ > } > > static void > +restrict_process(const char *user, const char *group) > +{ > + struct group *gr = NULL; > + struct passwd *pw = NULL; > + errno = 0; > + > + if (group != NULL) { > + if ((gr = getgrnam(group)) == NULL) > + errx(1, "Group %s does not exist", group); > + if (setregid(gr->gr_gid, gr->gr_gid) == -1) > + err(1, "%s", group); > + } > + > + if (user != NULL) { > + if ((pw = getpwnam(user)) == NULL) > + errx(1, "User %s does not exist", user); > + if (setreuid(pw->pw_uid, pw->pw_uid) == -1) > + err(1, "%s", user); > + } > +} The group list should also be set with initgroups(). And I think setgid() and setuid() are the preferred methods of changing the gid/uid, not setre*id(). -- Mike Pritchard mpp @ mppsystems.com or mpp @ FreeBSD.org "If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy." - James Madison (1787)
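Review bot: In restrict_process(), when only user is given (group == NULL) the gid is never changed, so the process drops its uid but keeps the caller's group; the user branch should fall back to pw->pw_gid. In either case the supplementary group list has to be replaced, with initgroups(pw->pw_name, gid) or setgroups(), before the uid is dropped, since the call needs the privilege that the uid change gives up. Looking up pw before the group change makes that ordering straightforward. Separately, `errno = 0;` at the top has no effect as written: both lookup failures go through errx(), which ignores errno, so a failed database lookup is reported as "does not exist". Either reset errno immediately before each of getgrnam() and getpwnam(), check it when they return NULL and use err() in that case, or drop the assignment.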