source-git / memcached

Clone
Source Code
GIT

Blame openbsd_priv.c

c8 c8s master
  1.   8ac25d22727210f2be9bbd4083ec0f546cfbc04d
  2.   openbsd_priv.c
Blob History Raw
Packit Service 584ef9 
#include <errno.h>
Packit Service 584ef9 
#include <stdlib.h>
Packit Service 584ef9 
#include <stdio.h>
Packit Service 584ef9 
#include <string.h>
Packit Service 584ef9 
#include <unistd.h>
Packit Service 584ef9 
#include "memcached.h"
Packit Service 584ef9
Packit Service 584ef9 
/*
Packit Service 584ef9 
 * this section of code will drop all (OpenBSD) privileges including
Packit Service 584ef9 
 * those normally granted to all userland process (basic privileges). The
Packit Service 584ef9 
 * effect of this is that after running this code, the process will not able
Packit Service 584ef9 
 * to fork(), exec(), etc.  See pledge(2) for more information.
Packit Service 584ef9 
 */
Packit Service 584ef9 
void drop_privileges() {
Packit Service 584ef9 
    extern char *__progname;
Packit Service 584ef9
Packit Service 584ef9 
    if (settings.socketpath != NULL) {
Packit Service 584ef9 
       if (pledge("stdio unix", NULL) == -1) {
Packit Service 584ef9 
          fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
Packit Service 584ef9 
          exit(EXIT_FAILURE);
Packit Service 584ef9 
       }
Packit Service 584ef9 
    } else {
Packit Service 584ef9 
       if (pledge("stdio inet", NULL) == -1) {
Packit Service 584ef9 
          fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
Packit Service 584ef9 
          exit(EXIT_FAILURE);
Packit Service 584ef9 
       }
Packit Service 584ef9 
     }
Packit Service 584ef9 
}
Packit Service 584ef9
Packit Service 584ef9 
void setup_privilege_violations_handler(void) {
Packit Service 584ef9 
   // not needed
Packit Service 584ef9 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation