diff options
author | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 10:52:34 +0200 |
---|---|---|
committer | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 10:53:19 +0200 |
commit | 4722d3bac43062a9213a08ed2435b8ef9b426789 (patch) | |
tree | fa40f2282cda080bd697b976ae0f6ab89a38a6d4 | |
parent | 23bd5ecbd11766088784507a56e32975b4c755a2 (diff) |
privs: move drop_privileges out of xutils
Again, also to be able to maintain this more easily.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-rw-r--r-- | netsniff-ng.c | 1 | ||||
-rw-r--r-- | netsniff-ng/Makefile | 1 | ||||
-rw-r--r-- | privs.c | 19 | ||||
-rw-r--r-- | privs.h | 8 | ||||
-rw-r--r-- | trafgen.c | 1 | ||||
-rw-r--r-- | trafgen/Makefile | 1 | ||||
-rw-r--r-- | xutils.c | 14 | ||||
-rw-r--r-- | xutils.h | 1 |
8 files changed, 31 insertions, 15 deletions
diff --git a/netsniff-ng.c b/netsniff-ng.c index b0b6f51..f20ebe0 100644 --- a/netsniff-ng.c +++ b/netsniff-ng.c @@ -30,6 +30,7 @@ #include "promisc.h" #include "built_in.h" #include "pcap_io.h" +#include "privs.h" #include "bpf.h" #include "ioops.h" #include "die.h" diff --git a/netsniff-ng/Makefile b/netsniff-ng/Makefile index 11467c9..23d7b5d 100644 --- a/netsniff-ng/Makefile +++ b/netsniff-ng/Makefile @@ -33,6 +33,7 @@ netsniff-ng-objs = dissector.o \ proto_mpls_unicast.o \ proto_80211_mac_hdr.o \ promisc.o \ + privs.o \ dev.o \ str.o \ irq.o \ @@ -0,0 +1,19 @@ +#include <unistd.h> +#include <sys/types.h> + +#include "privs.h" +#include "die.h" + +void drop_privileges(bool enforce, uid_t uid, gid_t gid) +{ + if (enforce) { + if (uid == getuid()) + panic("Uid cannot be the same as the current user!\n"); + if (gid == getgid()) + panic("Gid cannot be the same as the current user!\n"); + } + if (setgid(gid) != 0) + panic("Unable to drop group privileges: %s!\n", strerror(errno)); + if (setuid(uid) != 0) + panic("Unable to drop user privileges: %s!\n", strerror(errno)); +} @@ -0,0 +1,8 @@ +#ifndef PRIVS_H +#define PRIVS_H + +#include <stdbool.h> + +extern void drop_privileges(bool enforce, uid_t uid, gid_t gid); + +#endif /* PRIVS_H */ @@ -37,6 +37,7 @@ #include "str.h" #include "cpus.h" #include "lockme.h" +#include "privs.h" #include "mac80211.h" #include "xutils.h" #include "ioops.h" diff --git a/trafgen/Makefile b/trafgen/Makefile index 2bb1a2f..2df9dbf 100644 --- a/trafgen/Makefile +++ b/trafgen/Makefile @@ -5,6 +5,7 @@ trafgen-libs = $(shell pkg-config --libs libnl-3.0) \ trafgen-objs = xmalloc.o \ ioops.o \ xutils.o \ + privs.o \ dev.o \ irq.o \ str.o \ @@ -201,20 +201,6 @@ u32 wireless_bitrate(const char *ifname) return rate_in_mbit; } -void drop_privileges(bool enforce, uid_t uid, gid_t gid) -{ - if (enforce) { - if (uid == getuid()) - panic("Uid cannot be the same as the current user!\n"); - if (gid == getgid()) - panic("Gid cannot be the same as the current user!\n"); - } - if (setgid(gid) != 0) - panic("Unable to drop group privileges: %s!\n", strerror(errno)); - if (setuid(uid) != 0) - panic("Unable to drop user privileges: %s!\n", strerror(errno)); -} - int get_system_socket_mem(int which) { int fd, val = -1; @@ -33,7 +33,6 @@ extern u32 wireless_bitrate(const char *ifname); extern u32 ethtool_bitrate(const char *ifname); extern int ethtool_drvinf(const char *ifname, struct ethtool_drvinfo *drvinf); extern int ethtool_link(const char *ifname); -extern void drop_privileges(bool enforce, uid_t uid, gid_t gid); extern void set_nonblocking(int fd); extern int set_nonblocking_sloppy(int fd); extern int set_reuseaddr(int fd); |