summaryrefslogtreecommitdiff
path: root/privs.c
blob: ac4ad25c337b2db978b5a9e76cefc2218e7eb07f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

#include <unistd.h>
#include <sys/types.h>

#include "privs.h"
#include "die.h"

void drop_privileges(bool enforce, uid_t uid, gid_t gid)
{
	if (enforce) {
		if (uid == getuid())
			panic("Uid cannot be the same as the current user!\n");
		if (gid == getgid())
			panic("Gid cannot be the same as the current user!\n");
	}
	if (setgid(gid) != 0)
		panic("Unable to drop group privileges: %s!\n", strerror(errno));
	if (setuid(uid) != 0)
		panic("Unable to drop user privileges: %s!\n", strerror(errno));
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-30 06:03:37 +0000
atch) tree9acf1060c120551d70a9b31fc8075bf1d834eb98 parentccf7abb93af09ad0868ae9033d1ca8108bdaec82 (diff)parent837585a5375c38d40361cfe64e6fd11e1addb936 (diff)
Merge branch 'read-vnet_hdr_sz-once'
Willem de Bruijn says: ==================== read vnet_hdr_sz once Tuntap devices allow concurrent use and update of field vnet_hdr_sz. Read the field once to avoid TOCTOU. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat
-rw-r--r--drivers/net/macvtap.c4
-rw-r--r--drivers/net/tun.c10
2 files changed, 8 insertions, 6 deletions
diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c