Implement uid/gid argument to uv_spawn #389

Closed
wants to merge 2 commits into
from
Jump to file or symbol
Failed to load files and symbols.
+60 −0
Split
View
@@ -1106,6 +1106,20 @@ typedef struct uv_process_options_s {
*/
char* cwd;
+ /*
+ * If not -1, this represents the group ID that the subprocess should
+ * setgid to before executing.
+ * Unix only.
+ */
+ gid_t gid;
+
+ /*
+ * If not -1, this represents the user ID that the subprocess should
+ * setuid to before executing.
+ * Unix only.
+ */
+ uid_t uid;
+
/*
* TODO describe how this works.
*/
View
@@ -263,6 +263,16 @@ int uv_spawn(uv_loop_t* loop, uv_process_t* process,
_exit(127);
}
+ if (options.gid != (gid_t)(-1) && setgid(options.gid)) {
+ perror("setgid()");
+ _exit(127);
+ }
+
+ if (options.uid != (uid_t)(-1) && setuid(options.uid)) {
+ perror("setuid()");
+ _exit(127);
+ }
+
environ = options.env;
execvp(options.file, options.args);
View
@@ -25,6 +25,10 @@
#include <stdlib.h>
#include <string.h>
+#ifdef setuid
+# include <pwd.h>
+#endif
+
static int close_cb_called;
static int exit_cb_called;
static uv_process_t process;
@@ -115,6 +119,8 @@ static void init_process_options(char* test, uv_exit_cb exit_cb) {
options.file = exepath;
options.args = args;
options.exit_cb = exit_cb;
+ options.uid = (uid_t)(-1);
+ options.gid = (gid_t)(-1);
}
@@ -517,3 +523,33 @@ TEST_IMPL(environment_creation) {
return 0;
}
#endif
+
+#ifdef setuid
+TEST_IMPL(setuid) {
+ /* if not root, then this will fail. */
+ int me;
+ me = getuid();
+ if (m != 0) {
+ return 0;
+ }
+
+ init_process_options("spawn_setuid", exit_cb);
+
+ // become the "nobody" user.
+ struct passwd *pw;
+ pw = getpwnam("nobody");
+ options.uid = pw.pw_uid;
+ options.gid = pw.pw_gid;
+
+ r = uv_spawn(uv_default_loop(), &process, options);
+ ASSERT(r == 0);
+
+ r = uv_run(uv_default_loop());
+ ASSERT(r == 0);
+
+ ASSERT(exit_cb_called == 1);
+ ASSERT(close_cb_called == 1);
+
+ return 0;
+}
+#endif