From 4722d3bac43062a9213a08ed2435b8ef9b426789 Mon Sep 17 00:00:00 2001
From: Daniel Borkmann <dborkman@redhat.com>
Date: Tue, 4 Jun 2013 10:52:34 +0200
Subject: privs: move drop_privileges out of xutils

Again, also to be able to maintain this more easily.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
 privs.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 privs.c

(limited to 'privs.c')

diff --git a/privs.c b/privs.c
new file mode 100644
index 0000000..ac4ad25
--- /dev/null
+++ b/privs.c
@@ -0,0 +1,19 @@
+#include <unistd.h>
+#include <sys/types.h>
+
+#include "privs.h"
+#include "die.h"
+
+void drop_privileges(bool enforce, uid_t uid, gid_t gid)
+{
+	if (enforce) {
+		if (uid == getuid())
+			panic("Uid cannot be the same as the current user!\n");
+		if (gid == getgid())
+			panic("Gid cannot be the same as the current user!\n");
+	}
+	if (setgid(gid) != 0)
+		panic("Unable to drop group privileges: %s!\n", strerror(errno));
+	if (setuid(uid) != 0)
+		panic("Unable to drop user privileges: %s!\n", strerror(errno));
+}
-- 
cgit v1.2.3-54-g00ecf