Commit f22757c4 authored by rswindell's avatar rswindell

Only do the whole Linux-capabilities dance when run as root (user-id 0).

This eliminates the error messages that would be displayed/logged when
attempting the SYS_capset SYSCALL, which fails when not root.

So the capabilities dance enabled with USE_LINUX_CAPS (which is automatically
enabled when /usr/include/sys/capabilites.h exists, which is installed with
the libcap2-dev package) apparently is still useful if you need to start
sbbs as root: the main thread will remain as root even when the child
threads have their user-id's changed to the user specified in the [UNIX]
section of sbbs.ini or on the command-line
- so reducing the enabled privilege set for this root/main thread to the
minimum needed, is a good security measure. It does this reduction (call to
linux_minprivs() after the call to change_user()) so I'm not exactly sure how
that works, but according to Deuce, this is what's happening. :-/
parent eb996d8b
......@@ -1995,29 +1995,31 @@ int main(int argc, char** argv)
#elif defined(__unix__)
#ifdef USE_LINUX_CAPS /* set capabilities and change user before we start threads */
whoami();
if(list_caps() && linux_initialprivs()) {
if(linux_keepcaps() < 0) {
lputs(LOG_ERR,"linux_keepcaps() FAILED");
lputs(LOG_ERR,strerror(errno));
}
else {
if(!change_user()) {
lputs(LOG_ERR,"change_user() FAILED");
if(getuid() == 0) {
whoami();
if(list_caps() && linux_initialprivs()) {
if(linux_keepcaps() < 0) {
lputs(LOG_ERR,"linux_keepcaps() FAILED");
lputs(LOG_ERR,strerror(errno));
}
else {
if(!linux_minprivs()) {
lputs(LOG_ERR,"linux_minprivs() FAILED");
lputs(LOG_ERR,strerror(errno));
}
if(!change_user()) {
lputs(LOG_ERR,"change_user() FAILED");
}
else {
capabilities_set=TRUE;
if(!linux_minprivs()) {
lputs(LOG_ERR,"linux_minprivs() FAILED");
lputs(LOG_ERR,strerror(errno));
}
else {
capabilities_set=TRUE;
}
}
}
}
whoami();
list_caps();
}
whoami();
list_caps();
#endif /* USE_LINUX_CAPS */
/* Set up blocked signals */
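Review bot: The new guard `if(getuid() == 0) {` tests the real user id, while the kernel's permission checks use the effective id. A process with effective id 0 and a non-zero real id (for example a setuid-root install) would skip linux_keepcaps(), change_user() and linux_minprivs() entirely and, as far as this hunk shows, keep its privileges; `if(geteuid() == 0) {` would cover that case. Separately, inside the guarded block a failed change_user() or linux_minprivs() is only logged through lputs(LOG_ERR, ...) and execution continues, so a root start with a failed privilege drop appears to carry on with the main thread still privileged. Consider exiting on those paths, or confirm that the code after the hunk checks `capabilities_set` before any threads are started. main() begins and ends outside this hunk, so that later handling is not visible here.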