diff options
author | Pierre Ossman <ossman@cendio.se> | 2006-07-20 13:19:16 +0000 |
---|---|---|
committer | Pierre Ossman <ossman@cendio.se> | 2006-07-20 13:19:16 +0000 |
commit | 57d8a315ea3c3e4e19e19fe1d293ca941d6229d5 (patch) | |
tree | 361af432d85acc9130a42b3625559ae5611d20e7 | |
parent | 8d2dc9c4d14fd879aac3e4137b1dfc2c32a338cb (diff) |
Move check for SUID into the caps functions.
git-svn-id: file:///home/lennart/svn/public/pulseaudio/trunk@1119 fefdeb5f-60dc-0310-8127-8f9354f1896f
-rw-r--r-- | src/daemon/caps.c | 9 | ||||
-rw-r--r-- | src/daemon/main.c | 6 |
2 files changed, 11 insertions, 4 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c index dc74bc7d..957824d9 100644 --- a/src/daemon/caps.c +++ b/src/daemon/caps.c @@ -27,6 +27,7 @@ #include <unistd.h> #include <errno.h> #include <string.h> +#include <sys/types.h> #ifdef HAVE_SYS_CAPABILITY_H #include <sys/capability.h> @@ -80,6 +81,10 @@ int pa_limit_caps(void) { cap_t caps; cap_value_t nice_cap = CAP_SYS_NICE; + /* Only drop caps when called SUID */ + if (getuid() != 0) + return 0; + caps = cap_init(); assert(caps); @@ -106,6 +111,10 @@ int pa_drop_caps(void) { cap_t caps; int r = -1; + /* Only drop caps when called SUID */ + if (getuid() != 0) + return 0; + caps = cap_init(); assert(caps); diff --git a/src/daemon/main.c b/src/daemon/main.c index 8b905b31..3f489981 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -328,8 +328,7 @@ int main(int argc, char *argv[]) { setlocale(LC_ALL, ""); - if (getuid() != 0) - pa_limit_caps(); + pa_limit_caps(); #ifdef HAVE_GETUID suid_root = getuid() != 0 && geteuid() == 0; @@ -377,8 +376,7 @@ int main(int argc, char *argv[]) { if (conf->high_priority && conf->cmd == PA_CMD_DAEMON) pa_raise_priority(); - if (getuid() != 0) - pa_drop_caps(); + pa_drop_caps(); if (suid_root) pa_drop_root(); |