diff options
Diffstat (limited to 'thirdparty/libwebsockets/lib/plat/unix/unix-caps.c')
| -rw-r--r-- | thirdparty/libwebsockets/lib/plat/unix/unix-caps.c | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c b/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c deleted file mode 100644 index 64aea61816..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include <pwd.h> -#include <grp.h> - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) -static void -_lws_plat_apply_caps(int mode, const cap_value_t *cv, int count) -{ - cap_t caps; - - if (!count) - return; - - caps = cap_get_proc(); - - cap_set_flag(caps, mode, count, cv, CAP_SET); - cap_set_proc(caps); - prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); - cap_free(caps); -} -#endif - -void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) -{ - if (info->gid && info->gid != -1) - if (setgid(info->gid)) - lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); - - if (info->uid && info->uid != -1) { - struct passwd *p = getpwuid(info->uid); - - if (p) { - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_PERMITTED, info->caps, - info->count_caps); -#endif - - initgroups(p->pw_name, info->gid); - if (setuid(info->uid)) - lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); - else - lwsl_notice("Set privs to user '%s'\n", - p->pw_name); - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, - info->count_caps); - - if (info->count_caps) { - int n; - for (n = 0; n < info->count_caps; n++) - lwsl_notice(" RETAINING CAP %d\n", - (int)info->caps[n]); - } -#endif - - } else - lwsl_warn("getpwuid: unable to find uid %d", info->uid); - } -} |