Репозитории ALT
Группа :: Мониторинг
Пакет: ngrep
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: ngrep-1.45-alt-chroot.patch
Скачать
Скачать
--- ngrep.c
+++ ngrep.c
@@ -1164,43 +1164,45 @@ void update_windowsize(int32_t e) {
}
}
}
+#endif /* !defined(_WIN32) */
-#if USE_DROPPRIVS
+#if defined(USE_DROPPRIVS) && !defined(_WIN32)
+#define DROPPRIVS_DIR "/var/resolv"
void drop_privs(void) {
struct passwd *pw;
uid_t newuid;
gid_t newgid;
- if ((getuid() || geteuid()) || dont_dropprivs)
+ if (dont_dropprivs || geteuid())
return;
pw = getpwnam(DROPPRIVS_USER);
if (!pw) {
- perror("attempt to drop privileges failed: getpwnam failed");
+ perror("attempt to drop privileges failed: user \"" DROPPRIVS_USER "\" lookup failed");
clean_exit(-1);
}
newgid = pw->pw_gid;
newuid = pw->pw_uid;
+ endpwent();
- if (getgroups(0, NULL) > 0)
- if (setgroups(1, &newgid) == -1) {
- perror("attempt to drop privileges failed");
- clean_exit(-1);
- }
+ if (chdir(DROPPRIVS_DIR) < 0 || chroot(".") < 0) {
+ perror("attempt to drop privileges failed: chdir/chroot to \"" DROPPRIVS_DIR "\" failed");
+ clean_exit(-1);
+ }
- if (((getgid() != newgid) && (setgid(newgid) == -1)) ||
- ((getegid() != newgid) && (setegid(newgid) == -1)) ||
- ((getuid() != newuid) && (setuid(newuid) == -1)) ||
- ((geteuid() != newuid) && (seteuid(newuid) == -1))) {
+ if (setgroups(1, &newgid) < 0) {
+ perror("attempt to drop privileges failed: setgroups failed");
+ clean_exit(-1);
+ }
- perror("attempt to drop privileges failed");
+ if (setgid(newgid) < 0 || setuid(newuid) < 0) {
+ perror("attempt to drop privileges failed: setgid/setuid failed");
clean_exit(-1);
}
}
-#endif
-#endif
+#endif /* if defined(USE_DROPPRIVS) && !defined(_WIN32) */
void usage(int8_t e) {
printf("usage: ngrep <-"