diff options
author | Lennart Poettering <lennart@poettering.net> | 2007-08-16 19:48:49 +0000 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2007-08-16 19:48:49 +0000 |
commit | 876e682ad8ef324e80c6ef1ec296715dc086fa04 (patch) | |
tree | 9404caf1031fd5f9b137225fd5105f3e911c3f3e | |
parent | 5e93816e1b96463865b2951abad68b235f149a4e (diff) |
never stay root after startup, even if we don't have capabilites
git-svn-id: file:///home/lennart/svn/public/pulseaudio/branches/lennart@1678 fefdeb5f-60dc-0310-8127-8f9354f1896f
-rw-r--r-- | src/daemon/main.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/daemon/main.c b/src/daemon/main.c index eac470bf..cf2e628b 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -336,10 +336,19 @@ int main(int argc, char *argv[]) { #endif if (suid_root) { - if (pa_limit_caps() > 0) - /* We managed to drop capabilities except the needed - * ones. Hence we can drop the uid. */ - pa_drop_root(); + /* Drop all capabilities except CAP_SYS_NICE */ + pa_limit_caps(); + + /* Drop priviliges, but keep CAP_SYS_NICE */ + pa_drop_root(); + + /* After dropping root, the effective set is reset, hence, + * let's raise it again */ + pa_limit_caps(); + + /* When capabilities are not supported we will not be able to + * aquire RT sched anymore. But yes, that's the way it is. It + * is just too risky tun let PA run as root all the time. */ } setlocale(LC_ALL, ""); @@ -386,7 +395,7 @@ int main(int argc, char *argv[]) { if (conf->high_priority && conf->cmd == PA_CMD_DAEMON) pa_raise_priority(); - if (suid_root) { + if (suid_root && conf->cmd != PA_CMD_DAEMON) { pa_drop_caps(); pa_drop_root(); } |