From adcf0e4a330995739a4298abd33588e44bd329a1 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sun, 30 Apr 2000 06:52:59 +0000 Subject: Update. * iconv/iconv_prog.c (main): Handle input file name "-" correctly. Recognize option -s, -c, and -l. 2000-04-20 Thorsten Kukuk * nscd/nscd.c: Start new session for nscd, drop privilegs to configured user if requested and no -S parameter are used. * nscd/nscd.conf: Add new option "server-user". * nscd/nscd_conf.c: Add support for new "server-user" option. * nscd/nscd.h: Add declaration for server_user variable. Based on patch by Chris Wing 2000-04-29 Mark Kettenis * sysdeps/unix/sysv/linux/i386/sigaction.c: Add comment explaining that changing the __restore and __restore_rt signal return code will break GDB. 2000-04-29 Mark Kettenis * sysdeps/unix/sysv/linux/i386/sys/ucontext.h: Do not include . 2000-04-29 Mark Kettenis * conform/data/ucontext.h-data: Allow ss_* instead of SS_*. 2000-04-29 Ulrich Drepper --- nscd/nscd.c | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) (limited to 'nscd/nscd.c') diff --git a/nscd/nscd.c b/nscd/nscd.c index 45928f0f67..bc291d81d9 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c @@ -1,4 +1,4 @@ -/* Copyright (c) 1998, 1999 Free Software Foundation, Inc. +/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk , 1998. @@ -62,6 +62,7 @@ int do_shutdown; int disabled_passwd; int disabled_group; int go_background = 1; +const char *server_user; int secure[lastdb]; int secure_in_use; @@ -69,6 +70,7 @@ static const char *conffile = _PATH_NSCDCONF; static int check_pid (const char *file); static int write_pid (const char *file); +static void drop_privileges (void); /* Name and version of program. */ static void print_version (FILE *stream, struct argp_state *state); @@ -140,6 +142,8 @@ main (int argc, char **argv) if (fork ()) exit (0); + setsid (); + chdir ("/"); openlog ("nscd", LOG_CONS | LOG_ODELAY, LOG_DAEMON); @@ -164,6 +168,10 @@ main (int argc, char **argv) /* Init databases. */ nscd_init (conffile); + /* Change to unprivileged UID if specifed in config file */ + if(server_user && !secure_in_use) + drop_privileges (); + /* Handle incoming requests */ start_threads (); @@ -364,3 +372,36 @@ write_pid (const char *file) return 0; } + +/* Look up the uid and gid associated with the user we are supposed to run + the server as, and then call setgid(), setgroups(), and setuid(). + Otherwise, abort- we should not run as root if the configuration file + specifically tells us not to. */ + +static void +drop_privileges (void) +{ + int buflen = 256; + char *buffer = alloca (buflen); + struct passwd resultbuf; + struct passwd *pwd; + + while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0 + && errno == ERANGE) + { + errno = 0; + buflen += 256; + buffer = alloca (buflen); + } + + if(!pwd) + { + dbg_log (_("Failed to look up user '%s' to run server as"), + server_user); + exit(1); + } + + setgroups (0, NULL); + setgid (pwd->pw_gid); + setuid (pwd->pw_uid); +} -- cgit v1.2.3