author | Eelco Dolstra <e.dolstra@tudelft.nl> | 2006-12-07T16·40+0000 |
---|---|---|
committer | Eelco Dolstra <e.dolstra@tudelft.nl> | 2006-12-07T16·40+0000 |
commit | a82d80ddeb6f68ff136124dfb591a404bb195ea3 (patch) | |
tree | b40ce775db3ae90451637f3e61ae4a5fb5ec3ccf | |
parent | f76fdb6d42a1b539fcf0b77d8efc5262283a19ea (diff) |
* Move setuidCleanup() to libutil.
-rw-r--r-- | src/libmain/setuid-common.hh | 22 | ||||
-rw-r--r-- | src/libmain/shared.cc | 3 | ||||
-rw-r--r-- | src/libutil/util.cc | 16 | ||||
-rw-r--r-- | src/libutil/util.hh | 4 | ||||
-rw-r--r-- | src/nix-setuid-helper/main.cc | 5 |
5 files changed, 23 insertions, 27 deletions
diff --git a/src/libmain/setuid-common.hh b/src/libmain/setuid-common.hh
deleted file mode 100644
index a3e840996161..000000000000
--- a/src/libmain/setuid-common.hh
+++ /dev/null
@@ -1,22 +0,0 @@
-/* Code shared between libmain and nix-setuid-helper. */
-
-extern char * * environ;
-
-
-namespace nix {
-
-
-void setuidCleanup()
-{
- /* Don't trust the environment. */
- environ = 0;
-
- /* Make sure that file descriptors 0, 1, 2 are open. */
- for (int fd = 0; fd <= 2; ++fd) {
- struct stat st;
- if (fstat(fd, &st) == -1) abort();
- }
-}
-
-
-}
diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc
index fa72ca5bc444..d7fb240192b6 100644
--- a/src/libmain/shared.cc
+++ b/src/libmain/shared.cc
@@ -14,9 +14,6 @@
 #include <aterm2.h>
-#include "setuid-common.hh"
-
-
 namespace nix {
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index b152dc8f4b0b..fb6411408d08 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -17,6 +17,9 @@
 #include "util.hh"
+extern char * * environ;
+
+
 namespace nix {
@@ -818,6 +821,19 @@ void quickExit(int status)
 }
+void setuidCleanup()
+{
+ /* Don't trust the environment. */
+ environ = 0;
+
+ /* Make sure that file descriptors 0, 1, 2 are open. */
+ for (int fd = 0; fd <= 2; ++fd) {
+ struct stat st;
+ if (fstat(fd, &st) == -1) abort();
+ }
+}
+
+
 //////////////////////////////////////////////////////////////////////
diff --git a/src/libutil/util.hh b/src/libutil/util.hh
index b850ee798c7c..8f79ec9be2c1 100644
--- a/src/libutil/util.hh
+++ b/src/libutil/util.hh
@@ -237,6 +237,10 @@ string runProgram(Path program);
 Cygwin, _exit() doesn't seem to do the right thing.) */
 void quickExit(int status);
+/* Common initialisation for setuid programs: clear the environment,
+ sanitize file handles 0, 1 and 2. */
+void setuidCleanup();
+
 /* User interruption. */
diff --git a/src/nix-setuid-helper/main.cc b/src/nix-setuid-helper/main.cc
index dc0b2cd6cbd5..26cdc73b7911 100644
--- a/src/nix-setuid-helper/main.cc
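Review bot: In the setuidCleanup() body added to src/libutil/util.cc, `environ = 0;` leaves the global as a null pointer rather than an empty list, so any later code that walks `environ` directly, or a libc that does not tolerate a null `environ`, would dereference null. Pointing it at an empty terminated array is the safer form: `static char * emptyEnv[] = { 0 }; environ = emptyEnv;`. The descriptor loop only detects a closed fd 0, 1 or 2 and calls abort() without a diagnostic, and it leaves descriptors above 2 and other inherited process state untouched, so a comment in the body stating that this is the full extent of the cleanup would keep privileged callers from assuming more. The hunk does not show whether util.cc already includes the headers declaring fstat() and abort(), which the old header relied on its includer to provide.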
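Review bot: The comment added above setuidCleanup() in src/libutil/util.hh promises to "sanitize file handles 0, 1 and 2", but the implementation this commit places in util.cc only calls fstat() on them and abort()s if one is closed; nothing is reopened or redirected. Now that the function is part of the general utility API, the declaration should state the actual contract, for example `/* Common initialisation for setuid programs: clear the environment and abort() unless file descriptors 0, 1 and 2 are open. Call before anything reads the environment. */`.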
+++ b/src/nix-setuid-helper/main.cc
@@ -12,11 +12,12 @@
 #include "util.hh"
-#include "../libmain/setuid-common.hh"
-
 using namespace nix;
+extern char * * environ;
+
+
 /* Recursively change the ownership of `path' to user `uidTo' and group `gidTo'. `path' must currently be owned by user `uidFrom', or, if `uidFrom' is -1, by group `gidFrom'. */ |
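Review bot: `extern char * * environ;` is now hand-declared in src/nix-setuid-helper/main.cc as well as in util.cc, whereas the deleted header declared it once for both users. If the helper still reads or resets `environ` (any such use lies outside this hunk), declaring it once in util.hh, outside `namespace nix`, would keep the two copies from drifting; if it no longer does, the declaration can simply be dropped. A one-line comment such as `/* Needed for <use>; setuidCleanup() resets it. */` would tell the next reader why a setuid program touches this global directly.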