svn commit: r218049 - head/sbin/hastd
Pawel Jakub Dawidek
pjd at FreeBSD.org
Fri Jan 28 22:35:46 UTC 2011
Author: pjd
Date: Fri Jan 28 22:35:46 2011
New Revision: 218049
URL: http://svn.freebsd.org/changeset/base/218049
Log:
Drop privileges in worker processes.
Accepting connections and handshaking in secondary is still done before
dropping privileges. It should be implemented by only accepting connections in
privileged main process and passing connection descriptors to the worker, but
is not implemented yet.
MFC after: 1 week
Modified:
head/sbin/hastd/primary.c
head/sbin/hastd/secondary.c
Modified: head/sbin/hastd/primary.c
==============================================================================
--- head/sbin/hastd/primary.c Fri Jan 28 22:33:47 2011 (r218048)
+++ head/sbin/hastd/primary.c Fri Jan 28 22:35:46 2011 (r218049)
@@ -847,6 +847,11 @@ hastd_primary(struct hast_resource *res)
init_ggate(res);
init_environment(res);
+ if (drop_privs() != 0) {
+ cleanup(res);
+ exit(EX_CONFIG);
+ }
+
/*
* Create the guard thread first, so we can handle signals from the
* very begining.
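Review bot: the drop_privs() call in hastd_primary() sits after init_ggate(res) and init_environment(res) with no comment saying why it is placed there. A short comment above the `if` stating that everything from this point on, including the guard thread created next, runs unprivileged, and that any setup needing privilege has to happen before it, would keep later changes from adding privileged work below the drop. Treating a non-zero return as fatal is the right choice and should stay.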
Modified: head/sbin/hastd/secondary.c
==============================================================================
--- head/sbin/hastd/secondary.c Fri Jan 28 22:33:47 2011 (r218048)
+++ head/sbin/hastd/secondary.c Fri Jan 28 22:35:46 2011 (r218049)
@@ -413,6 +413,9 @@ hastd_secondary(struct hast_resource *re
init_local(res);
init_environment();
+ if (drop_privs() != 0)
+ exit(EX_CONFIG);
+
/*
* Create the control thread before sending any event to the parent,
* as we can deadlock when parent sends control request to worker,
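Review bot: the failure path in hastd_secondary() is a bare exit(EX_CONFIG), while the matching hunk in primary.c calls cleanup(res) before exiting. If the secondary has nothing to release at this point, a one-line comment saying so would make the asymmetry deliberate; otherwise the two paths should match. The log message notes that accepting connections and handshaking still happen before this call, so a comment next to the drop recording that remaining privileged step would keep the limitation visible in the code and not only in the commit log.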