9cfed7116a
a bug similar to #247985
48 lines
1.3 KiB
Diff
48 lines
1.3 KiB
Diff
diff -up netkit-rwall-0.17/rpc.rwalld/rwalld.c.debug netkit-rwall-0.17/rpc.rwalld/rwalld.c
|
|
--- netkit-rwall-0.17/rpc.rwalld/rwalld.c.debug 2011-08-01 15:22:08.886396602 +0200
|
|
+++ netkit-rwall-0.17/rpc.rwalld/rwalld.c 2011-08-01 15:22:08.901396602 +0200
|
|
@@ -90,20 +90,6 @@ main(int argc, char *argv[])
|
|
exit(1);
|
|
}
|
|
|
|
- if (getuid() == 0 || geteuid() == 0) {
|
|
- struct passwd *pwd = getpwnam("nobody");
|
|
- if (pwd) {
|
|
- initgroups(pwd->pw_name, pwd->pw_gid);
|
|
- setgid(pwd->pw_gid);
|
|
- setuid(pwd->pw_uid);
|
|
- }
|
|
- seteuid(0); /* this should fail */
|
|
- if (getuid() == 0 || geteuid() == 0) {
|
|
- syslog(LOG_CRIT, "can't drop root privileges");
|
|
- exit(1);
|
|
- }
|
|
- }
|
|
-
|
|
/*
|
|
* See if inetd started us
|
|
*/
|
|
@@ -153,6 +139,22 @@ main(int argc, char *argv[])
|
|
(void)fprintf(stderr, "unable to register (WALLPROG, WALLVERS, udp).\n");
|
|
exit(1);
|
|
}
|
|
+
|
|
+ /* Drop privilege */
|
|
+ if (getuid() == 0 || geteuid() == 0) {
|
|
+ struct passwd *pwd = getpwnam("nobody");
|
|
+ if (pwd) {
|
|
+ initgroups(pwd->pw_name, pwd->pw_gid);
|
|
+ setgid(pwd->pw_gid);
|
|
+ setuid(pwd->pw_uid);
|
|
+ }
|
|
+ seteuid(0); /* this should fail */
|
|
+ if (getuid() == 0 || geteuid() == 0) {
|
|
+ syslog(LOG_CRIT, "can't drop root privileges");
|
|
+ exit(1);
|
|
+ }
|
|
+ }
|
|
+
|
|
svc_run();
|
|
(void)fprintf(stderr, "svc_run returned\n");
|
|
exit(1);
|