Blame tmux-1.0-04_dropping_unnecessary_privileges.diff
|
Sven Lankes |
1c52c0 |
--- tmux.c.orig 2010-07-19 07:07:06.311243142 +0200
|
|
Sven Lankes |
1c52c0 |
+++ tmux.c 2010-07-19 07:08:54.969213735 +0200
|
|
Sven Lankes |
1c52c0 |
@@ -185,9 +185,10 @@
|
|
Sven Lankes |
580ca5 |
{
|
|
Sven Lankes |
580ca5 |
char base[MAXPATHLEN], *path;
|
|
Sven Lankes |
580ca5 |
struct stat sb;
|
|
Sven Lankes |
580ca5 |
- u_int uid;
|
|
Sven Lankes |
580ca5 |
+ u_int uid,gid;
|
|
Sven Lankes |
580ca5 |
|
|
Sven Lankes |
580ca5 |
uid = getuid();
|
|
Sven Lankes |
1c52c0 |
+ gid = getgid();
|
|
Sven Lankes |
1c52c0 |
xsnprintf(base, MAXPATHLEN, "%s/tmux-%d", _PATH_TMP, uid);
|
|
Sven Lankes |
580ca5 |
|
|
Sven Lankes |
580ca5 |
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
|
|
Sven Lankes |
1c52c0 |
@@ -203,6 +204,9 @@
|
|
Sven Lankes |
580ca5 |
errno = EACCES;
|
|
Sven Lankes |
580ca5 |
return (NULL);
|
|
Sven Lankes |
580ca5 |
}
|
|
Sven Lankes |
1c52c0 |
+ /* drop unnecessary privileges */
|
|
Sven Lankes |
1c52c0 |
+ if (setresgid(gid, gid, gid) != 0)
|
|
Sven Lankes |
1c52c0 |
+ return (NULL);
|
|
Sven Lankes |
580ca5 |
|
|
Sven Lankes |
580ca5 |
xasprintf(&path, "%s/%s", base, label);
|
|
Sven Lankes |
580ca5 |
return (path);
|