mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-14 02:06:16 +02:00
* Move setuidCleanup() to libutil.
parent
f76fdb6d42
commit
a82d80ddeb
5 changed files with 23 additions and 27 deletions
|
@ -1,22 +0,0 @@
|
||||||
/* Code shared between libmain and nix-setuid-helper. */
|
|
||||||
|
|
||||||
extern char * * environ;
|
|
||||||
|
|
||||||
|
|
||||||
namespace nix {
|
|
||||||
|
|
||||||
|
|
||||||
void setuidCleanup()
|
|
||||||
{
|
|
||||||
/* Don't trust the environment. */
|
|
||||||
environ = 0;
|
|
||||||
|
|
||||||
/* Make sure that file descriptors 0, 1, 2 are open. */
|
|
||||||
for (int fd = 0; fd <= 2; ++fd) {
|
|
||||||
struct stat st;
|
|
||||||
if (fstat(fd, &st) == -1) abort();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -14,9 +14,6 @@
|
||||||
#include <aterm2.h>
|
#include <aterm2.h>
|
||||||
|
|
||||||
|
|
||||||
#include "setuid-common.hh"
|
|
||||||
|
|
||||||
|
|
||||||
namespace nix {
|
namespace nix {
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,9 @@
|
||||||
#include "util.hh"
|
#include "util.hh"
|
||||||
|
|
||||||
|
|
||||||
|
extern char * * environ;
|
||||||
|
|
||||||
|
|
||||||
namespace nix {
|
namespace nix {
|
||||||
|
|
||||||
|
|
||||||
|
@ -818,6 +821,19 @@ void quickExit(int status)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void setuidCleanup()
|
||||||
|
{
|
||||||
|
/* Don't trust the environment. */
|
||||||
|
environ = 0;
|
||||||
|
|
||||||
|
/* Make sure that file descriptors 0, 1, 2 are open. */
|
||||||
|
for (int fd = 0; fd <= 2; ++fd) {
|
||||||
|
struct stat st;
|
||||||
|
if (fstat(fd, &st) == -1) abort();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
|
||||||
|
|
|
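Review bot: `environ = 0;` in setuidCleanup() leaves a null environment pointer, which drops the inherited variables but is not guaranteed to be tolerated by later getenv()/setenv()/exec*() calls on every libc; pointing it at an empty, NULL-terminated array is the safer form, e.g. `static char * emptyEnv[] = { 0 }; environ = emptyEnv;`. The function also stops at descriptors 0–2: descriptors above 2 inherited from the invoking user stay open, and nothing in this hunk resets the umask or signal dispositions. Now that this is a shared libutil entry point, either handle those here or state in its comment that callers must, e.g. `/* Does not close inherited fds > 2; callers must do so if needed. */`.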
@ -237,6 +237,10 @@ string runProgram(Path program);
|
||||||
Cygwin, _exit() doesn't seem to do the right thing.) */
|
Cygwin, _exit() doesn't seem to do the right thing.) */
|
||||||
void quickExit(int status);
|
void quickExit(int status);
|
||||||
|
|
||||||
|
/* Common initialisation for setuid programs: clear the environment,
|
||||||
|
sanitize file handles 0, 1 and 2. */
|
||||||
|
void setuidCleanup();
|
||||||
|
|
||||||
|
|
||||||
/* User interruption. */
|
/* User interruption. */
|
||||||
|
|
||||||
|
|
|
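Review bot: The comment on `setuidCleanup()` says it sanitizes file handles 0, 1 and 2, but the implementation added to the .cc file in this commit only probes them with fstat() and calls abort() when one is closed. A caller reading the header would expect closed descriptors to be repaired rather than the process terminated. Suggested wording: `/* Common initialisation for setuid programs: clear the environment and abort() unless file descriptors 0, 1 and 2 are open. */`.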
@ -12,11 +12,12 @@
|
||||||
|
|
||||||
#include "util.hh"
|
#include "util.hh"
|
||||||
|
|
||||||
#include "../libmain/setuid-common.hh"
|
|
||||||
|
|
||||||
using namespace nix;
|
using namespace nix;
|
||||||
|
|
||||||
|
|
||||||
|
extern char * * environ;
|
||||||
|
|
||||||
|
|
||||||
/* Recursively change the ownership of `path' to user `uidTo' and
|
/* Recursively change the ownership of `path' to user `uidTo' and
|
||||||
group `gidTo'. `path' must currently be owned by user `uidFrom',
|
group `gidTo'. `path' must currently be owned by user `uidFrom',
|
||||||
or, if `uidFrom' is -1, by group `gidFrom'. */
|
or, if `uidFrom' is -1, by group `gidFrom'. */
|
||||||
|
|