On 12/16/2012 09:38 AM, Tanu Kaskinen wrote:
Does someone want to review this?


On Thu, 2012-04-05 at 15:37 +0300, Tanu Kaskinen wrote:
Capability dropping when changing the user in the system
mode was previously implemented by calling
prctl(PR_SET_KEEPCAPS, 0), but that doesn't necessarily
work. It's possible that the KEEPCAPS flag is locked to 1,
in which case the prctl() call fails with EPERM (this
happens at least on Harmattan). This patch implements
explicit capability dropping after changing the user.
---
  src/daemon/caps.c |   27 +++++++++++++--------------
  src/daemon/caps.h |    2 ++
  src/daemon/main.c |    4 +++-
  3 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 3759388..36b76a9 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -36,10 +36,6 @@
  #include <sys/capability.h>
  #endif

-#ifdef HAVE_SYS_PRCTL_H
-#include <sys/prctl.h>
-#endif
-
  #include "caps.h"

  /* Glibc <= 2.2 has broken unistd.h */
@@ -78,17 +74,20 @@ void pa_drop_root(void) {
      pa_assert_se(getegid() == gid);
  #endif

-#ifdef HAVE_SYS_PRCTL_H
-    pa_assert_se(prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) == 0);
-#endif
+    if (uid != 0)
+        pa_drop_caps();
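
Review bot: the "if (uid != 0)" guard in front of pa_drop_caps() carries no comment saying why a process that stays root keeps its capabilities; a one-line comment at that spot would settle it for later readers. The removed line asserted on the prctl() result, while nothing visible in this hunk checks that the drop took effect, so unless pa_drop_caps() asserts internally, consider verifying here that the capability sets are empty before continuing.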

Why should caps not be dropped if uid == 0?



--
David Henningsson, Canonical Ltd.
https://launchpad.net/~diwic
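
The explicit drop that the commit message describes, as an added example that is not part of the patch or of PulseAudio's code: it treats a failing prctl(PR_SET_KEEPCAPS, 0) as non-fatal, clears the capability sets directly, and verifies the result. The helper names drop_all_caps and caps_are_empty are hypothetical, and the code assumes Linux with the raw capget/capset syscalls so that it builds without libcap.

```c
/* Added example, not PulseAudio code. Linux only. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* Hypothetical helper: clear the effective, permitted and inheritable sets.
 * Lowering capabilities needs no privilege, so this works for any uid. */
int drop_all_caps(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
    memset(data, 0, sizeof(data));
    return (int) syscall(SYS_capset, &hdr, data);
}

/* Hypothetical helper: 1 if all three sets are empty, 0 if any bit is
 * still set, -1 if the sets could not be read. */
int caps_are_empty(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
    if (syscall(SYS_capget, &hdr, data) != 0)
        return -1;
    for (int i = 0; i < _LINUX_CAPABILITY_U32S_3; i++)
        if (data[i].effective || data[i].permitted || data[i].inheritable)
            return 0;
    return 1;
}

int main(void) {
    /* Fails with EPERM when the KEEPCAPS flag is locked; the explicit
     * drop below does not depend on this call succeeding. */
    if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) != 0)
        fprintf(stderr, "PR_SET_KEEPCAPS: %s (continuing)\n", strerror(errno));

    /* A daemon would change its gid and uid here, before the drop. */

    if (drop_all_caps() != 0 || caps_are_empty() != 1) {
        fprintf(stderr, "capabilities still held, refusing to continue\n");
        return 1;
    }
    puts("effective, permitted and inheritable sets are empty");
    return 0;
}
```

The check covers the three per-thread sets only; the bounding set is left as it was.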