[tuxdroid-svn] r352 - in daemon/trunk: . libs
From: neimad <c2m...@c2...> - 2007-06-05 21:27:10
Author: neimad
Date: 2007-06-05 23:26:38 +0200 (Tue, 05 Jun 2007)
New Revision: 352
Modified: daemon/trunk/libs/USBDaemon_usb_enum.c daemon/trunk/main.c
Log:
* The daemon now raises its privileges (to its initial uid and gid) when exiting, so that it is able to delete its pid file. Note that a side effect of this patch is that privileges are dropped after usb_init_TuxDroid() has completed, whereas it was done about half way through before. So if we really want to tighten things up, we'll have to rework the USB initialiation a bit. Fixes issue #19.
Modified: daemon/trunk/libs/USBDaemon_usb_enum.c
===================================================================
--- daemon/trunk/libs/USBDaemon_usb_enum.c 2007-06-05 20:25:26 UTC (rev 351)
+++ daemon/trunk/libs/USBDaemon_usb_enum.c 2007-06-05 21:26:38 UTC (rev 352)
@@ -76,9 +76,6 @@
 /* Open usb device */
 tux_hdl = usb_open(tux_dev);
- setgid(NEWGID);
- setuid(NEWUID);
-
 if (!tux_hdl)
 {
 log_error("Can't open device: %s (%d)", strerror(errno), errno);
Modified: daemon/trunk/main.c
===================================================================
--- daemon/trunk/main.c 2007-06-05 20:25:26 UTC (rev 351)
+++ daemon/trunk/main.c 2007-06-05 21:26:38 UTC (rev 352)
@@ -27,6 +27,7 @@
 #include <string.h>
 #include <usb.h>
 #include <errno.h>
+#include <unistd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
@@ -57,6 +58,9 @@
 unsigned short daemon_pid = 0;
 unsigned char daemonized = 0;
+static pid_t user = (pid_t)-1; /**< Initial user id */
+static gid_t group = (gid_t)-1; /**< Initial group id */
+
 /************************************************************************ */
 /* Setup daemon info from version string */
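Review bot: The saved user id added in the main.c hunk at -57/+58 is declared as `pid_t` although it stores the result of getuid(); it should be `static uid_t user = (uid_t)-1;`. The same mix-up appears in the raise_privileges() hunk that follows, where `group` (a `gid_t`) is compared with `(pid_t)-1`; writing the test as `user == (uid_t)-1 || group == (gid_t)-1` keeps the sentinel check in the matching types. The current code probably works through implicit integer conversion on common platforms, but a privilege-handling path is the wrong place to depend on that.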
@@ -123,6 +127,45 @@
 }
 /**
+ * Drop privileges.
+ *
+ * \return 0 if successful, -1 otherwise
+ */
+static int drop_privileges(void)
+{
+ log_debug("Dropping privileges");
+
+ /* Store initial uid and gid */
+ user = getuid();
+ group = getgid();
+
+ if (setegid(NEWGID) == 0 && seteuid(NEWUID) == 0)
+ return 0;
+
+ log_error("Failed dropping privileges");
+ return -1;
+}
+
+/**
+ * Raise privileges.
+ *
+ * \return 0 if successful, -1 otherwise
+ */
+static int raise_privileges(void)
+{
+ if (user == (pid_t)-1 || group == (pid_t)-1)
+ return 0;
+
+ log_debug("Raising privileges");
+
+ if (setuid(user) == 0 && setgid(group) == 0)
+ return 0;
+
+ log_error("Failed raising privileges");
+ return -1;
+}
+
+/**
 * \brief Called when exiting. Performs cleanup.
 *
 * This function is registered with atexit() to be called whenever we quit the
@@ -134,6 +177,8 @@
 {
 send_daemon_disconnected();
+ raise_privileges();
+
 if (daemonized && remove_pid())
 log_error("Could not delete PID file");
@@ -343,6 +388,9 @@
 if (!usb_init_TuxDroid())
 exit(1);
+ if (drop_privileges() < 0)
+ exit(1);
+
 tcp_server_loop();
 exit(0);
|
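Review bot: drop_privileges() changes only the effective ids with `setegid`/`seteuid`, so the real and saved ids keep their initial values and any code running in the daemon after the drop, including the TCP server loop, can switch back with one set*id call. raise_privileges() depends on exactly that, but it means the drop does not contain a compromise of the network-facing code. The function comment should say so, for example `Temporarily drop effective uid/gid; real and saved ids are kept so the exit handler can regain them.` The supplementary group list is also left untouched; assuming the daemon is started as root, calling `setgroups(0, NULL)` before `setegid(NEWGID)` would clear it. A permanent drop would need the pid file to live where NEWUID can unlink it, which is outside this hunk.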