From a82d80ddeb6f68ff136124dfb591a404bb195ea3 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra
Date: Thu, 7 Dec 2006 16:40:41 +0000
Subject: * Move setuidCleanup() to libutil.
---
 src/libutil/util.cc | 16 ++++++++++++++++
 src/libutil/util.hh | 4 ++++
 2 files changed, 20 insertions(+)
(limited to 'src/libutil')
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index b152dc8f4b0b..fb6411408d08 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -17,6 +17,9 @@
 #include "util.hh"
+extern char * * environ;
+
+
 namespace nix {
@@ -818,6 +821,19 @@ void quickExit(int status)
 }
+void setuidCleanup()
+{
+ /* Don't trust the environment. */
+ environ = 0;
+
+ /* Make sure that file descriptors 0, 1, 2 are open. */
+ for (int fd = 0; fd <= 2; ++fd) {
+ struct stat st;
+ if (fstat(fd, &st) == -1) abort();
+ }
+}
+
+
 //////////////////////////////////////////////////////////////////////
diff --git a/src/libutil/util.hh b/src/libutil/util.hh
index b850ee798c7c..8f79ec9be2c1 100644
--- a/src/libutil/util.hh
+++ b/src/libutil/util.hh
@@ -237,6 +237,10 @@ string runProgram(Path program);
 Cygwin, _exit() doesn't seem to do the right thing.) */
 void quickExit(int status);
+/* Common initialisation for setuid programs: clear the environment,
+ sanitize file handles 0, 1 and 2. */
+void setuidCleanup();
+
 /* User interruption. */
-- cgit 1.4.1
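Review bot: The descriptor loop in setuidCleanup() (second util.cc hunk) aborts on any fstat() failure, while its comment "Make sure that file descriptors 0, 1, 2 are open" and the util.hh comment "sanitize file handles 0, 1 and 2" read as if closed descriptors were repaired. Aborting is a reasonable fail-closed choice for a setuid program, because it prevents a later open() from being handed fd 0–2 and receiving output meant for the terminal, but the comments should say that, e.g. `/* Refuse to run if fd 0, 1 or 2 is closed, so a later open() cannot be handed one of them. */`, and the check could test `errno == EBADF` so that other fstat() errors are not treated as a closed descriptor. `environ = 0;` leaves a null pointer for every later getenv()/setenv()/exec*() call; whether each supported libc tolerates that is not visible in this diff, and `static char * emptyEnv[] = { 0 }; environ = emptyEnv;` would avoid depending on it. The util.hh comment is also the place to state that this must run before anything else in main() and that it leaves other inherited state (umask, resource limits, descriptors above 2) untouched.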