summaryrefslogtreecommitdiff
path: root/src/main.c
diff options
context:
space:
mode:
authorMukund Sivaraman <muks@banu.com>2009-09-15 01:53:07 +0530
committerMukund Sivaraman <muks@banu.com>2009-09-15 01:55:16 +0530
commit56748c5e65af91daadc828d438bba6010a6aff0e (patch)
treec286b0351bf6785950fed49f56f695d33c7bc5ec /src/main.c
parent5ec5449194a8f9d977d3ab0be7a1f7e5d41cb638 (diff)
downloadtinyproxy-56748c5e65af91daadc828d438bba6010a6aff0e.tar.gz
tinyproxy-56748c5e65af91daadc828d438bba6010a6aff0e.zip
Extract setuid/setgid code into a function
Diffstat (limited to 'src/main.c')
-rw-r--r--src/main.c115
1 files changed, 62 insertions, 53 deletions
diff --git a/src/main.c b/src/main.c
index ff14c56..2442cf8 100644
--- a/src/main.c
+++ b/src/main.c
@@ -205,11 +205,67 @@ process_cmdline (int argc, char **argv)
}
}
+static void
+change_user (const char *program)
+{
+ if (config.group && strlen (config.group) > 0) {
+ int gid = get_id (config.group);
+
+ if (gid < 0) {
+ struct group *thisgroup = getgrnam (config.group);
+
+ if (!thisgroup) {
+ fprintf (stderr,
+ "%s: Unable to find group \"%s\".\n",
+ program, config.group);
+ exit (EX_NOUSER);
+ }
+
+ gid = thisgroup->gr_gid;
+ }
+
+ if (setgid (gid) < 0) {
+ fprintf (stderr,
+ "%s: Unable to change to group \"%s\".\n",
+ program, config.group);
+ exit (EX_CANTCREAT);
+ }
+
+ log_message (LOG_INFO, "Now running as group \"%s\".",
+ config.group);
+ }
+
+ if (config.user && strlen (config.user) > 0) {
+ int uid = get_id (config.user);
+
+ if (uid < 0) {
+ struct passwd *thisuser = getpwnam (config.user);
+
+ if (!thisuser) {
+ fprintf (stderr,
+ "%s: Unable to find user \"%s\".\n",
+ program, config.user);
+ exit (EX_NOUSER);
+ }
+
+ uid = thisuser->pw_uid;
+ }
+
+ if (setuid (uid) < 0) {
+ fprintf (stderr,
+ "%s: Unable to change to user \"%s\".\n",
+ program, config.user);
+ exit (EX_CANTCREAT);
+ }
+
+ log_message (LOG_INFO, "Now running as user \"%s\".",
+ config.user);
+ }
+}
+
int
main (int argc, char **argv)
{
- struct passwd *thisuser = NULL;
- struct group *thisgroup = NULL;
FILE *config_file;
/* Only allow u+rw bits. This may be required for some versions
@@ -344,59 +400,12 @@ main (int argc, char **argv)
exit (EX_OSERR);
}
- /*
- * Switch to a different user.
- */
- if (geteuid () == 0) {
- if (config.group && strlen (config.group) > 0) {
- int gid = get_id (config.group);
- if (gid < 0) {
- thisgroup = getgrnam (config.group);
- if (!thisgroup) {
- fprintf (stderr,
- "%s: Unable to find "
- "group \"%s\".\n", argv[0],
- config.group);
- exit (EX_NOUSER);
- }
- gid = thisgroup->gr_gid;
- }
- if (setgid (gid) < 0) {
- fprintf (stderr,
- "%s: Unable to change to "
- "group \"%s\".\n", argv[0],
- config.group);
- exit (EX_CANTCREAT);
- }
- log_message (LOG_INFO, "Now running as group \"%s\".",
- config.group);
- }
- if (config.user && strlen (config.user) > 0) {
- int uid = get_id (config.user);
- if (uid < 0) {
- thisuser = getpwnam (config.user);
- if (!thisuser) {
- fprintf (stderr,
- "%s: Unable to find "
- "user \"%s\".\n", argv[0],
- config.user);
- exit (EX_NOUSER);
- }
- uid = thisuser->pw_uid;
- }
- if (setuid (uid) < 0) {
- fprintf (stderr,
- "%s: Unable to change to user \"%s\".\n",
- argv[0], config.user);
- exit (EX_CANTCREAT);
- }
- log_message (LOG_INFO, "Now running as user \"%s\".",
- config.user);
- }
- } else {
+ /* Switch to a different user if we're running as root */
+ if (geteuid () == 0)
+ change_user (argv[0]);
+ else
log_message (LOG_WARNING,
"Not running as root, so not changing UID/GID.");
- }
if (child_pool_create () < 0) {
fprintf (stderr, "%s: Could not create the pool of children.\n",